Abstract | ||
---|---|---|
Distributed Denial-of-Service (DDoS) attacks are one of the major threats the Internet is facing today. The problem of tracing the attackers is particularly difficult since attackers spoof the source addresses. Researchers all over the world have proposed several packet marking based techniques for DDoS attack mitigation using IP Traceback, however even after a decade of active research no commercial product incorporates any of these packet marking techniques; either because they add overhead in network traffic or they break some of the existing internet features like IP fragmentation. In this paper, we propose a novel scheme which performs IP Traceback but adds no space overhead and yet is fragmentation compatible. We show that our scheme produces negligible false positive and causes almost no collision in ID field for fragmentation and reassembly. As this scheme is simple to implement and has very less processing and storage overhead at the victim and routers, it makes it a suitable candidate for widespread acceptance in the internet community and industry for DDoS attack prevention and mitigation. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1109/APCC.2011.6152917 | Asia-Pacific Conference on Communications |
Keywords | Field | DocType |
Packet Marking,DoS,DDoS,Hashing,Edge Routers,Fragmentation compatible IP Traceback and RTT | Denial-of-service attack,Computer science,Computer security,Network packet,Computer network,IP traceback,Router,IP fragmentation,Application layer DDoS attack,The Internet,Routing protocol | Conference |
ISSN | Citations | PageRank |
2163-0771 | 1 | 0.34 |
References | Authors | |
8 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Samant Saurabh | 1 | 27 | 4.16 |
Ashok Singh Sairam | 2 | 43 | 10.83 |