Towards Improving an Algebraic Marking Scheme for Tracing DDoS Attacks
نویسندگان
چکیده
Distributed Denial of Service (DDoS ) attacks could be considered as one of the most serious security problems to the Internet today. To locate the sources of the attack packets, we usually need to find the paths through which the attack packets traversed from the sources to the victim. In this paper, we identify the weaknesses of an existing algebraic marking scheme for tracing DDoS attacks, and propose an improved version of the marking scheme. Simulation experiment results show that the proposed marking scheme could achieve a high success rate in tracing the attack sources. When compared with other marking schemes, it requires fewer packets for attack paths reconstruction. Further, it is characterized by generating no false positives, creating no additional traffic to the network, having a relatively low packet marking and attack path reconstruction overhead, and being backward compatible.
منابع مشابه
An IP Traceback Technique against Denial-of-Service Attacks
Reflector attack [9] belongs to one of the most serious types of Denial-of-Service (DoS) attacks, which can hardly be traced by contemporary traceback techniques, since the marked information written by any routers between the attacker and the reflectors will be lost in the replied packets from the reflectors. We propose in this paper a reflective algebraic marking scheme for tracing DoS and DD...
متن کاملTracing Multiple Attackers with Deterministic Packet Marking (DPM)
The rising threat of cyber attacks, especially distributed denial-of-service (DDoS), makes the IP Traceback problem very relevant to today’s Internet security. IP Traceback is one of the security problems associated with identifying the source of the attack packets. This work presents a novel approach to IP Traceback Deterministic Packet Marking (DPM). The proposed approach is scalable, simple ...
متن کاملResistance against Distributed Denial of Service Attacks (DDoS) Using Bandwidth Based Admission Control
Internet hosts are threatened by large-scale Distributed Denial ofService (DDoS) attacks. The Path Identification DDoS defense scheme has recently been proposed as a deterministic packet marking scheme that allows a DDoS victim to filter out attack packets on a per packet basis with high accuracy after only a few attack packets are received. The previous work suggested depicts the Stack Path id...
متن کاملOn deterministic packet marking
In this article, we present a novel approach to IP Traceback – deterministic packet marking (DPM). DPM is based on marking all packets at ingress interfaces. DPM is scalable, simple to implement, and introduces no bandwidth and practically no processing overhead on the network equipment. It is capable of tracing thousands of simultaneous attackers during a DDoS attack. Given sufficient deployme...
متن کاملResistance against Distributed Denial of Service Attacks (DDoS) Using Bandwidth Based Admission Control
Internet hosts are threatened by large-scale Distributed Denial ofService (DDoS) attacks. The Path Identification DDoS defense scheme has recently been proposed as a deterministic packet marking scheme that allows a DDoS victim to filter out attack packets on a per packet basis with high accuracy after only a few attack packets are received. The previous work suggested depicts the Stack Path id...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- I. J. Network Security
دوره 9 شماره
صفحات -
تاریخ انتشار 2009