A novel packet marking scheme for IP traceback

Recently, several schemes have been proposed for IP traffic source identification for tracing denial of service (DoS) attacks. Most of these schemes require very large number of packets to conduct the traceback process, which results in lengthy and complicated procedure. In this paper, we address this issue by proposing a scheme, called probabilistic pipelined packet marking (PPPM), which employs the concept of "pipeline" for propagating marking information from one marking router to another so that it eventually reaches the destination. The key benefit of this pipeline process lies in drastically reducing the number of packets that is required for the traceback process. We evaluate the effectiveness of the proposed scheme for various performance metrics through combination of analytical and simulation studies. Our studies show that the proposed scheme offers high attack source detection percentage, and attack source localization distance of less than two hops under different attack scenarios.