Paper Info
Title
Practical network support for IP traceback
Abstract
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or ``spoofed'', source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed ``post-mortem'' -- after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology.
Year
DOI
Venue
2000
10.1145/347059.347560
SIGCOMM
Keywords
Field
DocType
internet service providers,conventional technology,network path,practical network support,ip traceback,probabilistic packet,source address,denial-of-service attack,increased frequency,general purpose traceback mechanism,anonymous packet flooding attack,attack traffic,self similarity,tcp congestion control,denial of service attack
Ingress filtering,Computer science,Computer security,IP address spoofing,Network packet,Computer network,IP traceback,Smurf attack,DDoS mitigation,Application layer DDoS attack,The Internet
Conference
Volume
Issue
ISSN
30
4
0146-4833
ISBN
Citations 
PageRank 
1-58113-223-9
537
66.83
References 
Authors
23
4
Search Limit
100537
Name
Order
Citations
PageRank
stefan savage1110171067.00
David Wetherall27819683.44
Anna R. Karlin34429646.72
Tom Anderson457168.97