Packet Marking with Distance Based Probabilities for IP Traceback

Author

Akyuz, Turker ; Sogukpinar, Ibrahim

Author_Institution

Comput. Eng. Dept., Gebze Inst. of Technol. Kocaeli, Gebze, Turkey

fYear

2009

fDate

27-29 Dec. 2009

Firstpage

433

Lastpage

438

Abstract

IP traceback is one of the most important parts of the defense mechanism against DDoS attacks that widely use IP spoofing. Probabilistic packet marking (PPM) approach, in which routers probabilistically mark packets they transmit, seems to be a promising solution to perform an efficient IP traceback. In this work, we propose a new scheme that uses node sampling and routers mark packets with distance based probabilities. Also, a simulation model is constructed in order to evaluate and compare the performance of different PPM approaches objectively. Our simulation model is based on OMNET++ and INET framework and can perform analysis by using evaluation metrics such as minimum number of packets required, robustness against spoofed packets, number of false positives and false negatives under large-scale DDoS attacks.

Keywords

IP networks; computer network security; distributed processing; probability; DDoS attack; INET framework; IP spoofing; IP traceback; OMNET++; distance based probability; probabilistic packet marking; Analytical models; Computational modeling; Computer crime; Computer networks; Government; Internet; Performance analysis; Performance evaluation; Robustness; Sampling methods; DDoS attacks; IP Traceback; Probabilistic Packet Marking; network security;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks and Communications, 2009. NETCOM '09. First International Conference on

Conference_Location

Chennai

Print_ISBN

978-1-4244-5364-1

Electronic_ISBN

978-0-7695-3924-9

Type

conf

DOI

10.1109/NetCoM.2009.45

Filename

5383950