posted on 2005-01-01, 00:00authored byYang Xiang, Wanlei Zhou
In this paper, we present a new approach, called Flexible Deterministic Packet Marking (FDPM), to perform a large-scale IP traceback to defend against Distributed Denial of Service (DDoS) attacks. In a DDoS attack the victim host or network is usually attacked by a large number of spoofed IP packets coming from multiple sources. IP traceback is the ability to trace the IP packets to their sources without relying on the source address field of the IP header. FDPM provides many flexible features to trace the IP packets and can obtain better tracing capability than current IP traceback mechanisms, such as Probabilistic Packet Marking (PPM), and Deterministic Packet Marking (DPM). The flexibilities of FDPM are in two ways, one is that it can adjust the length of marking field according to the network protocols deployed; the other is that it can adjust the marking rate according to the load of participating routers. The implementation and evaluation demonstrates that the FDPM needs moderately only a small number of packets to complete the traceback process; and can successfully perform a large-scale IP traceback, for example, trace up to 110,000 sources in a single incident response. It has a built-in overload prevention mechanism, therefore this scheme can perform a good traceback process even it is heavily loaded.
History
Pagination
431 - 436
Location
Sydney, Australia
Open access
Yes
Start date
2005-07-04
End date
2005-07-07
ISBN-13
9780769523163
ISBN-10
0769523161
Language
eng
Notes
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Publication classification
E1 Full written paper - refereed
Copyright notice
2005, IEEE
Editor/Contributor(s)
X He, T Hintz, M Piccardi, Q Wu, M Huang, D Tien
Title of proceedings
Third International Conference on Information Technology and Applications : 4-7 July 2005, Sydney, Australia : proceedings