An Intelligent Approach of Packet Marking at Edge Router for IP Traceback
نویسندگان
چکیده
With the help of real source identity in packets, network security system can intelligently protect and counteract the attacks. Packet marking is an important method of source identification, and there are some issues on it. For large amount of packets, analysis time and complicated computation are necessary while detect marking information. This paper focuses on this direction, and proposes a simple and efficient method to mark all packets belonging to upstream traffic with a deterministic, plain form identity. With this approach, we just need low processing power on some specific edge routers as well as a little extra network traffic to settle it. Furthermore, distilling mark from packets is easy since the mark is in plain text format.
منابع مشابه
ROUTER INTERFACE BASED IP TRACEBACK METHOD FOR DDOS ATTACK IN IPV6 NETWORKS S.T.Shenbagavalli
DoS/DDoS attacks constitute one of the major classes of security threats in the Internet today. The attackers usually use IP spoofing to conceal their real location. The objective of IP traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Traditional traceback schemes provide spoofed packets traceback capability either by augmenting the packet...
متن کاملToward a Practical Packet Marking Approach for IP Traceback
IP traceback is an important step in defending against denial-of-service (DoS) attacks. Probabilistic packet marking (PPM) has been studied as a promising approach to realize IP traceback. In this paper, we propose a new PPM approach that improves the current state of the art in two practical directions: (1) it improves the efficiency and accuracy of IP traceback and (2) it provides incentives ...
متن کاملAdaptive and Selective Packet Marking in Communication Networks
We propose a novel traceback approach that marks IP traffic by applying selective marking and reducing load mechanisms. Our technique is adaptive and is exploiting any specific properties that help characterizing an activity in communication traffic. It helps reducing problems such as processing overhead, bandwidth overload, detecting security attacks, and handling encrypted traffic. The select...
متن کاملTRACK: A Novel Approach for Defending Against Distributed Denial-of-Service Attacks
This paper presents a novel countermeasure against Distributed Denial-of-Service (DDoS) attacks that we call the rouTer poRt mArking and paCKet filtering (TRACK), which includes the functions of both IP traceback and packet filtering. TRACK is a comprehensive solution that is composed of two components: a router port marking module and a packet filtering module. The former is a novel packet mar...
متن کاملSWAPNILs PACKET MARKING AND TRACEBACKING (SPMT) TECHNIQUE FOR EFFICIENT IP TRACEBACK
There are many existing packet marking techniques [1] like probabilistic packet marking (PPM) [1][2][3[4], deterministic packet marking (DPM) [1][5][6], router-based approach (RBA)[7][8], and the like. In order for traceback mechanism to be competent in tracing, the mechanism should require minimum number of packets from the attacker to perform IP Traceback. A mechanism which takes minimum or f...
متن کامل