A dynamical deterministic packet marking scheme for DDoS traceback

Yu,S, Zhou,W, Guo,S and Guo,M 2013, A dynamical deterministic packet marking scheme for DDoS traceback, in IEEE GLOBECOM 2013 : The power of global communications : Proceedings of the IEEE Global Communications 2013 conference, exhibition and industry forum, IEEE, Piscataway, N.J., pp. 729-734, doi: 10.1109/GLOCOM.2013.6831159.

Attached Files
Name Description MIMEType Size Downloads

Title A dynamical deterministic packet marking scheme for DDoS traceback
Author(s) Yu,SORCID iD for Yu,S orcid.org/0000-0003-4485-6743
Zhou,WORCID iD for Zhou,W orcid.org/0000-0002-1680-2521
Guo,S
Guo,M
Conference name IEEE Global Communications. Conference, Exhibition and Industry Forum (57th : 2013 : Atlanta, Georgia)
Conference location Atlanta, Georgia
Conference dates 9-13 Dec. 2013
Title of proceedings IEEE GLOBECOM 2013 : The power of global communications : Proceedings of the IEEE Global Communications 2013 conference, exhibition and industry forum
Editor(s) Bjelajac, Branko
Publication date 2013
Conference series IEEE Global Communications Conference, Exhibition and Industry Forum
Start page 729
End page 734
Total pages 6
Publisher IEEE
Place of publication Piscataway, N.J.
Keyword(s) DDoS
Deterministic packet marking
traceback
Summary DDoS attack source traceback is an open and challenging problem. Deterministic packet marking (DPM) is a simple and relatively effective traceback scheme among the available traceback methods. However, the existing DPM schemes inheret a critical drawback of scalability in tracing all possible attack sources, which roots at their static mark encoding and attempt to mark all Internet routers for their traceback purpose. We find that a DDoS attack session usually involves a limited number of attack sources, e.g. at the thousand level. In order to achieve the traceback goal, we only need to mark these attack related routers. We therefore propose a novel Marking on Demand (MOD) scheme based on the DPM mechanism to dynamical distribute marking IDs in both temporal and space dimensions. The proposed MOD scheme can traceback to all possible sources of DDoS attacks, which is not possible for the existing DPM schemes. We thoroughly compare the proposed MOD scheme with two dominant DPM schemes through theoretical analysis and experiments. The the results demonstrate that the MOD scheme outperforms the existing DPM schemes. © 2013 IEEE.
ISBN 9781479913534
Language eng
DOI 10.1109/GLOCOM.2013.6831159
Field of Research 080604 Database Management
Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences
HERDC Research category E1.1 Full written paper - refereed
ERA Research output type E Conference publication
Copyright notice ©2013, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30067483

Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 5 times in TR Web of Science
Scopus Citation Count Cited 9 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 360 Abstract Views, 4 File Downloads  -  Detailed Statistics
Created: Fri, 14 Nov 2014, 15:12:19 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.