Title :
A Novel Two-Step Traceback Scheme for DDoS Attacks
Author :
Qu, Zhaoyang ; Huang, Chunfeng ; Liu, Ningning
Author_Institution :
Sch. of Inf. Eng., Northeast Dianli Univ., Jilin
Abstract :
The defense against Distributed Denial of Service (DDoS) attacks is one of the primary concerns on the Internet today. IP spoofing makes it difficult for the victim to determine the packet's true origin. There is a need for a mechanism that could rapidly trace back to the attacks' origins for the victim. This paper presents a two-step traceback scheme to track the DDoS attack source by dividing the tracing process into two steps. In the first step, a packet marking method based on autonomous system (ASPMM) is adopted to determine the attack-originating autonomous system (AS). In the second step, non-repeated probabilistic packet marking (NRPPM) is used to identify the exact origin of the attacks in the specific AS. Compared with previous algorithms, the two-step traceback scheme has the benefits of low bandwidth consumption, quick convergence speed, and light computational overhead of address recombination. It can decrease the number of packets the path reconstruction needs and improve the efficiency of path reconstruction, hence making it possible to trace the DDoS attack source rapidly.
Keywords :
IP networks; Internet; probability; security of data; DDoS; IP spoofing; Internet; autonomous system; distributed denial of service attacks; non-repeated probabilistic packet marking; packet marking method; path reconstruction; two-step traceback scheme; Bandwidth; Cities and towns; Computer crime; Convergence; Encoding; Information technology; Mechanical engineering; Power engineering and energy; Routing; Web and internet services; AS; DDoS Attack; IP Traceback; Network Security; Packet Marking;
Conference_Title :
Intelligent Information Technology Application, 2008. IITA '08. Second International Symposium on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3497-8
DOI :
10.1109/IITA.2008.102