An IP Traceback Scheme Integrating DPM and PPM
نویسندگان
چکیده
IP traceback technology is an important means combating Denial of Service (DoS) attacks in Internet. This paper proposes a new IP traceback scheme constituting two parts: the first part is constructing a traceback tree by integrating Deterministic Packet Marking and Probabilistic Packet Marking, and the second part is getting attack routes by analyzing this traceback tree. Basing on performance analysis, we point out that our scheme is both efficient and robust against mark field spoofing.
منابع مشابه
Survey on Packet Marking Algorithms for IP Traceback
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algori...
متن کاملAccommodating fragmentation in deterministic packet marking for IP traceback
1 We propose a modification to the basic Deterministic Packet Marking (DPM), a promising IP traceback scheme, to handle fragmented traffic. The modification introduces no additional bandwidth overhead, but limited additional memory requirements and processing overhead on the DPM-enabled interface. Index Terms — Security, IP Traceback
متن کاملTracing Multiple Attackers with Deterministic Packet Marking (DPM)
The rising threat of cyber attacks, especially distributed denial-of-service (DDoS), makes the IP Traceback problem very relevant to today’s Internet security. IP Traceback is one of the security problems associated with identifying the source of the attack packets. This work presents a novel approach to IP Traceback Deterministic Packet Marking (DPM). The proposed approach is scalable, simple ...
متن کاملTraceback of Ddos Attacks Using Entropy Variations
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet which deny normal service and degrade quality of service. However, the Network security mechanisms does not have effective and efficient methods to trace back the source of these attacks. In this paper, I propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS...
متن کاملInternet Deployment of DPM-based IP Traceback
1 In this article, we introduce the Internet deployment guidelines for Deterministic Packet Marking (DPM) – a novel IP traceback method. Unlike other packet marking schemes, DPM cannot be deployed sporadically on the Internet. Therefore, in order to perform the traceback, a structured way of deployment is needed. Related to topology and deployment issues, discussion comparing the features of ot...
متن کامل