An Investigation about the Simulation of IP Traceback and Various IP Traceback Strategies

Distributed denial-of-service (DDoS) is a rapidly growing problem. The multitude and variety of both the attacks and the defense approaches is overwhelming. IP traceback – the ability to trace IP packets from source to destination – is a significant step toward identifying and, thus, stopping, attackers. The IP traceback is an important mechanism in defending against distributed denialof-service (DDoS) attacks. This paper constructs a simulation environment via extending ns2, setting attacking topology and traffic, which can be used to evaluate and compare the effectiveness of different traceback schemes. A comparison among some of the Packet Marking schemes is presented with several metrics, including the received packet number required for reconstructing the attacking path, computation complexity and false positive etc. The simulation approach also can be used to test the performing effects of different marking schemes in large-scale DDoS attacks. Based on the simulation and evaluation results, more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed.