Title :
A Fast Deterministic Packet Marking Scheme for IP Traceback
Author :
Wang Xiao-jing ; Hu Chang-zhen ; Hu He
Author_Institution :
Lab. of Comput. Network Defense Technol., Beijing Inst. of Technol., Beijing, China
Abstract :
A fast deterministic packet marking scheme (FDPM) for IP traceback against distributed denial of service attacks is presented, which applies a novel marking algorithm and significantly improves IP traceback in two aspects: (1) the victim doesn´t need to accommodate fragments for recovery, so it needs several packets to identify an ingress router with lower false positives; (2) FDPM can scales to large distributed attacks with thousands of attackers. Theoretical analysis and the pseudo code are provided. Compared with previous DPM schemes, average convergence time of FDPM decreased by 86.3% packets or even more. Therefore FDPM is more efficient and represents a step forward in performance.
Keywords :
IP networks; security of data; telecommunication network routing; IP traceback; distributed attacks; distributed denial of service attacks; fast deterministic packet marking scheme; ingress router; pseudo code; Computer crime; Computer networks; Computer security; Convergence; Data mining; Forensics; Information security; Internet; Large-scale systems; Law enforcement; IP traceback; deterministic packet marking; distributed denial of service; network security;
Conference_Titel :
Multimedia Information Networking and Security, 2009. MINES '09. International Conference on
Conference_Location :
Hubei
Print_ISBN :
978-0-7695-3843-3
Electronic_ISBN :
978-1-4244-5068-8
DOI :
10.1109/MINES.2009.200
