PMS an expeditious marking scheme to combat with the DDoS attack

Distributed denial of service (DDoS) is real time challenging problem for Internet users. Due to unknown nature of attack, any defense mechanism should perform these two tasks: immediately detect the attack and take measurements to stop the upcoming flood. Currently deployed defense mechanisms can easily be defeated by the attackers because they know the weaknesses in the systems. Yaar proposed Pi marking scheme using the 16 bit IP header identification field. The performance of Pi marking is not effective because of static 1 bit or 2 bit marking criteria. Our technique decides the packet marking dynamically on the bases of number of hop counts. The performance is promising as compared to other existing schemes

[1]  Manpyo Hong,et al.  Effective Packet Marking Approach to Defend against DDoS Attack , 2004, ICCSA.

[2]  Kurt Rothermel,et al.  Dynamic distance maps of the Internet , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[3]  David Wetherall,et al.  Preventing Internet denial-of-service with capabilities , 2004, Comput. Commun. Rev..

[4]  Dawn Xiaodong Song,et al.  Pi: a path identification mechanism to defend against DDoS attacks , 2003, 2003 Symposium on Security and Privacy, 2003..

[5]  Man-Pyo Hong,et al.  A Study on Marking Bit Size for Path Identification Method: Deploying the Pi Filter at the End Host , 2004, ICCSA.