IP traceback in star colored networks

Network attacks and in particular denial of service (DoS) attacks have emerged as a major way to compromise the availability of servers and interrupt legitimate online services provided by servers. These attacks are among one of the hardest security problems to address because they are simple to implement but hard to prevent and difficult to trace. Tracing the attacker after an attack is crucial to institute protection measures against future attacks. Packet marking schemes have been proposed to traceback an attacker. The idea is to insert some traceback data in each packet when it passes through a router and use this information to construct the attack path. The major challenges in these schemes are to minimize the number of packets for successful traceback and to reduce the number of bits marked per packet by any router along the attack path. A general approach is to encode the 32-bit IP address of the router and store it in the 16-bit ID field of the IP packet header. However, this will result in collisions. In this work we develop a novel packet marking scheme of assigning marks (colors) where routers at a distance of two hops can reuse the colors (star coloring). Our proposed schemes assign color or mark to each router in a network such that the total number of colors used in the network is minimized. We also propose a technique to construct the attack path using these colors and mathematically show that the probability of attack paths colliding is minimal.