Openly accessible

A defense system against DDoS attacks by large-scale IP traceback

Xiang, Yang and Zhou, Wanlei 2005, A defense system against DDoS attacks by large-scale IP traceback, in Third International Conference on Information Technology and Applications : 4-7 July 2005, Sydney, Australia : proceedings, IEEE Computer Society, Los Alamitos, Calif., pp. 431-436.

Attached Files
Name Description MIMEType Size Downloads
zhou-defensesystem-2005.pdf Published version application/pdf 114.92KB 78

Title A defense system against DDoS attacks by large-scale IP traceback
Author(s) Xiang, Yang
Zhou, Wanlei
Conference name International Conference on Information Technology and Applications (3rd : 2005 : Sydney, Australia)
Conference location Sydney, Australia
Conference dates 4-7 July 2005
Title of proceedings Third International Conference on Information Technology and Applications : 4-7 July 2005, Sydney, Australia : proceedings
Editor(s) He, X.
Hintz, T.
Piccardi, M.
Wu, Q.
Huang, M.
Tien, D.
Publication date 2005
Conference series International Conference on Information Technology and Applications
Start page 431
End page 436
Publisher IEEE Computer Society
Place of publication Los Alamitos, Calif.
Keyword(s) IP networks
protocols
security of data
telecommunication network routing
telecommunication security
Summary In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to perform a large-scale IP traceback to defend against Distributed Denial of Service (DDoS) attacks. In a DDoS attack the victim host or network is usually attacked by a large number of spoofed IP packets coming from multiple sources. IP traceback is the ability to trace the IP packets to their sources without relying on the source address field of the IP header. FDPM provides many flexible features to trace the IP packets and can obtain better tracing capability than current IP traceback mechanisms, such as Probabilistic Packet Marking (PPM), and Deterministic Packet Marking (DPM). The flexibilities of FDPM are in two ways, one is that it can adjust the length of marking field according to the network protocols deployed; the other is that it can adjust the marking rate according to the load of participating routers. The implementation and evaluation demonstrates that the FDPM needs moderately only a small number of packets to complete the traceback process; and can successfully perform a large-scale IP traceback, for example, trace up to 110,000 sources in a single incident response. It has a built-in overload prevention mechanism, therefore this scheme can perform a good traceback process even it is heavily loaded.
Notes This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
ISBN 0769523161
9780769523163
Language eng
Field of Research 100503 Computer Communications Networks
Socio Economic Objective 970110 Expanding Knowledge in Technology
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2005, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30005737

Document type: Conference Paper
Collections: School of Information Technology
Open Access Collection
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.

Versions
Version Filter Type
Access Statistics: 513 Abstract Views, 78 File Downloads  -  Detailed Statistics
Created: Mon, 07 Jul 2008, 09:53:32 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.