A link to the paper
Title
Requirements for Attribution on the Internet
Abstract
Introduction
The attribution dilemma
What is the attribution problem
Rakhem
Omi
Raghad
AbdelRahman
Why we need Attribution
- DoS
Attribution Attacks
- Stepping stone attack
- Forgery
- Identity theft
Requirements for internet attribution system
(Unstructured draft)
- Any potentially destructive act should be traceable to a person (and/or organization, group, etc)
- Traceability should not violate any current privacy-related laws and moral principles
- Attribution mapping should not be a bijection, in other words action should map to persons, but not vice versa
- Traceability information should be distributed
- It should be impossible to collect all traceability data in one place
- Personal data should be stored by trusted authorities (e.g. governments)
- Traceability information and personal data should be separated, a connection to be revealed only when needed
- Attribution system should be incrementally deployable
- Cost of setting up and maintaining the system for a particular body (person, organization, network) should be considerably less than average losses under current lack of attribution (e.g. DoS, identity theft, etc)
Related Work
2004: This paper uses both link identification and filtering for achieving IP traceback WITHOUT the presence of high network cooperation.