Title :
Enhanced probabilistic packet marking for IP traceback
Author :
Gao, Zhiqiang ; Ansari, Nirwan
Author_Institution :
Dept. of Electr. & Comput. Eng., New Jersey Inst. of Technol., Newark, NJ, USA
fDate :
28 Nov.-2 Dec. 2005
Abstract :
A novel mechanism based on probabilistic packet marking (PPM) for IP traceback is presented. Our proposal enhances the performance of PPM in the following aspects. First, PPM can effectively trace denial of service (DoS) attacks and small-scale distributed DoS (DDoS) attacks only while our proposal may also be used to tackle large-scale DDoS attacks. Second, our scheme eliminates a serious vulnerability of PPM, i.e., spoofed marking inscribed by the attacker intentionally. Third, by optimizing the marking probability and refining the marking mechanism, our scheme can significantly reduce the number of packets required for path reconstruction. In comparison with PPM, as many as 41.31% of marked packets required for a single path reconstruction may be reduced using our scheme.
Keywords :
IP networks; probability; telecommunication security; telecommunication services; IP traceback; denial of service attacks; distributed DoS attacks; path reconstruction; probabilistic packet marking; vulnerability elimination; Computer crime; Computer worms; Filtering; IP networks; Intrusion detection; Large-scale systems; Network servers; Proposals; Web and internet services; Web server;
Conference_Titel :
Global Telecommunications Conference, 2005. GLOBECOM '05. IEEE
Print_ISBN :
0-7803-9414-3
DOI :
10.1109/GLOCOM.2005.1577935
