Title :
A novel vector edge sampling scheme for IP traceback against DDoS attacks
Author :
Wei, Jun ; Chen, Kai ; Lian, Yi-feng ; Dai, Ying-xia
Author_Institution :
China Inf. Security Certification Center, Beijing, China
Abstract :
A novel edge sampling scheme for IP traceback against DDoS attacks is presented, which is called router´s vector edge sampling (RVES). It is simple for marking machines to be implemented. A packet will be probabilistically pre-marked and post-marked on traversed router´s interfaces. This approach supports incremental deployment, which makes it effective for multi-path attack reconstruction and computation. Probability packet marking (PPM) and reconstruction algorithm based on RVES is also presented. We implemented prototypes and deployed them in the real Internet to make some experiments. The results show that our method is effective and efficient.
Keywords :
IP networks; Internet; cryptography; telecommunication network routing; vectors; DDoS attacks; IP traceback; Internet; multi-path attack computation; multi-path attack reconstruction; novel vector edge sampling; probability packet marking; router vector edge sampling; Computer crime; Cybernetics; IP networks; Internet; Machine learning; Probabilistic logic; Prototypes; Distributed denial of service (DDoS); IP traceback; Network security; Probability packet marking (PPM); Router´s vector edge sampling (RVES);
Conference_Titel :
Machine Learning and Cybernetics (ICMLC), 2010 International Conference on
Conference_Location :
Qingdao
Print_ISBN :
978-1-4244-6526-2
DOI :
10.1109/ICMLC.2010.5580796
