Dynamic Probabilistic Packet Marking Based on PPM

Most of the probability of packet marking(PPM) have existed many problems such as the lost of marking information, the difficulties to reconstruct attack path, low accuracy and so on. In this work, we present a new approach, called dynamic probabilistic packet marking (DPPM), to further improve the effectiveness o fPPM. Instead of using a fixed marking probability, we propose to judge whether the packet has been marked or not then choose a proper marking probability. DPPM may solve most of the problems in PPM method. Formal analysis indicates that DPPM outperforms PPM in most aspects.

[1]  Bill Cheswick,et al.  Tracing Anonymous Packets to Their Approximate Source , 2000, LISA.

[2]  Heejo Lee,et al.  On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[3]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[4]  Shigeyuki Matsuda,et al.  Tracing Network Attacks to Their Sources , 2002, IEEE Internet Comput..

[5]  Anna R. Karlin,et al.  Network support for IP traceback , 2001, TNET.

[6]  Paul Ferguson,et al.  Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.

[7]  Dharma P. Agrawal,et al.  Improving scheduling of tasks in a heterogeneous environment , 2004, IEEE Transactions on Parallel and Distributed Systems.