Abstract | ||
---|---|---|
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or ``spoofed'', source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed ``post-mortem'' -- after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology. |
Year | DOI | Venue |
---|---|---|
2000 | 10.1145/347059.347560 | SIGCOMM |
Keywords | Field | DocType |
internet service providers,conventional technology,network path,practical network support,ip traceback,probabilistic packet,source address,denial-of-service attack,increased frequency,general purpose traceback mechanism,anonymous packet flooding attack,attack traffic,self similarity,tcp congestion control,denial of service attack | Ingress filtering,Computer science,Computer security,IP address spoofing,Network packet,Computer network,IP traceback,Smurf attack,DDoS mitigation,Application layer DDoS attack,The Internet | Conference |
Volume | Issue | ISSN |
30 | 4 | 0146-4833 |
ISBN | Citations | PageRank |
1-58113-223-9 | 537 | 66.83 |
References | Authors | |
23 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
stefan savage | 1 | 11017 | 1067.00 |
David Wetherall | 2 | 7819 | 683.44 |
Anna R. Karlin | 3 | 4429 | 646.72 |
Tom Anderson | 4 | 571 | 68.97 |