Title :
A cross-AS traceback method based on flexible fragmentation of path information
Author :
Li, Yonghui ; Wang, Yulong ; Yang, Fangchun ; Su, Sen
Author_Institution :
State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
This article puts forward a cross-AS (Autonomous System, AS) IP trackback method, called FFDPM, for tracing DDoS attack. FFDPM exploits the BGP AS-PATH attribute, which indicates the AS sequence one packet needs to pass through before reaching its destination, to make the Border Gateway (BG) divide the AS Number (ASN) in a flexible manner based on the distance between itself and the packet´s aim AS, so as to improve the applicable scope and reduce the number of packets needed for path reconstruction. In order to resist the forging mark information, this method also proposes a mark information authentication scheme, which stores the authentication information subtly in the idle room that has not been used by mark information. The theoretical analysis shows that FFDPM can trace DDoS attacks effectively.
Keywords :
IP networks; computer network security; internetworking; AS number; ASN; BGP AS-PATH attribute; DDoS attack; FFDPM; authentication information; autonomous system; border gateway; cross-AS IP traceback method; flexible fragmentation; mark information authentication scheme; path information; path reconstruction; theoretical analysis; IP traceback; denial of service (DoS); distributed denial of service (DDoS);
Conference_Titel :
GLOBECOM Workshops (GC Wkshps), 2010 IEEE
Conference_Location :
Miami, FL
Print_ISBN :
978-1-4244-8863-6
DOI :
10.1109/GLOCOMW.2010.5700212
