Internet Deployment of DPM-based IP Traceback

نویسندگان

  • Andrey Belenky
  • Nirwan Ansari
چکیده

1 In this article, we introduce the Internet deployment guidelines for Deterministic Packet Marking (DPM) – a novel IP traceback method. Unlike other packet marking schemes, DPM cannot be deployed sporadically on the Internet. Therefore, in order to perform the traceback, a structured way of deployment is needed. Related to topology and deployment issues, discussion comparing the features of other full path schemes and ingress packet filtering to those of DPM is also presented.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

On deterministic packet marking

In this article, we present a novel approach to IP Traceback – deterministic packet marking (DPM). DPM is based on marking all packets at ingress interfaces. DPM is scalable, simple to implement, and introduces no bandwidth and practically no processing overhead on the network equipment. It is capable of tracing thousands of simultaneous attackers during a DDoS attack. Given sufficient deployme...

متن کامل

Tracing Multiple Attackers with Deterministic Packet Marking (DPM)

The rising threat of cyber attacks, especially distributed denial-of-service (DDoS), makes the IP Traceback problem very relevant to today’s Internet security. IP Traceback is one of the security problems associated with identifying the source of the attack packets. This work presents a novel approach to IP Traceback Deterministic Packet Marking (DPM). The proposed approach is scalable, simple ...

متن کامل

Traceback of Ddos Attacks Using Entropy Variations

Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet which deny normal service and degrade quality of service. However, the Network security mechanisms does not have effective and efficient methods to trace back the source of these attacks. In this paper, I propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS...

متن کامل

Accommodating fragmentation in deterministic packet marking for IP traceback

1 We propose a modification to the basic Deterministic Packet Marking (DPM), a promising IP traceback scheme, to handle fragmented traffic. The modification introduces no additional bandwidth overhead, but limited additional memory requirements and processing overhead on the DPM-enabled interface. Index Terms — Security, IP Traceback

متن کامل

An IP Traceback Scheme Integrating DPM and PPM

IP traceback technology is an important means combating Denial of Service (DoS) attacks in Internet. This paper proposes a new IP traceback scheme constituting two parts: the first part is constructing a traceback tree by integrating Deterministic Packet Marking and Probabilistic Packet Marking, and the second part is getting attack routes by analyzing this traceback tree. Basing on performance...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • CIT

دوره 16  شماره 

صفحات  -

تاریخ انتشار 2008