Non-preemptive packet marking scheme

Distributed Denial of Service(DDoS) attack is among the hardest network problems.Among several countermeasures,packet making scheme is promising.In these marking schemes,every router marks a passing packet with a probability,so that the convergence time for an attacking path can be achieved in little time,and the attack can be found in attack path reconstruction using IP traceback.In this paper,a new packet making scheme,a non-preemptive packet marking scheme is given,which reduces the convergence time and false positive rate,and takes lower network and router overhead.