Deakin University
Browse

A defense system against DDoS attacks by large-scale IP traceback

Download (114.93 kB)
conference contribution
posted on 2005-01-01, 00:00 authored by Yang Xiang, Wanlei Zhou
In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to perform a large-scale IP traceback to defend against Distributed Denial of Service (DDoS) attacks. In a DDoS attack the victim host or network is usually attacked by a large number of spoofed IP packets coming from multiple sources. IP traceback is the ability to trace the IP packets to their sources without relying on the source address field of the IP header. FDPM provides many flexible features to trace the IP packets and can obtain better tracing capability than current IP traceback mechanisms, such as Probabilistic Packet Marking (PPM), and Deterministic Packet Marking (DPM). The flexibilities of FDPM are in two ways, one is that it can adjust the length of marking field according to the network protocols deployed; the other is that it can adjust the marking rate according to the load of participating routers. The implementation and evaluation demonstrates that the FDPM needs moderately only a small number of packets to complete the traceback process; and can successfully perform a large-scale IP traceback, for example, trace up to 110,000 sources in a single incident response. It has a built-in overload prevention mechanism, therefore this scheme can perform a good traceback process even it is heavily loaded.

History

Pagination

431 - 436

Location

Sydney, Australia

Open access

  • Yes

Start date

2005-07-04

End date

2005-07-07

ISBN-13

9780769523163

ISBN-10

0769523161

Language

eng

Notes

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Publication classification

E1 Full written paper - refereed

Copyright notice

2005, IEEE

Editor/Contributor(s)

X He, T Hintz, M Piccardi, Q Wu, M Huang, D Tien

Title of proceedings

Third International Conference on Information Technology and Applications : 4-7 July 2005, Sydney, Australia : proceedings