IP Traceback method by OpenFlow

IP traceroute is used to find the routes of egress packets, while IP traceback is used to find the routes of ingress packets. DDoS attacks spoof source IP address and IP traceback is useful to detect true source IP address of DDoS attacks. This paper proposes the method of IP traceback and implements the method at OpenFlow controllers. This paper also evaluates the load of IP traceback on OpenFlow controllers by experiments.

[1]  Minyi Guo,et al.  Flexible Deterministic Packet Marking: An IP Traceback System to Find the Real Source of Attacks , 2009, IEEE Transactions on Parallel and Distributed Systems.

[2]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[3]  Anna R. Karlin,et al.  Network support for IP traceback , 2001, TNET.

[4]  Daisuke Miyamoto,et al.  An Autonomous Architecture for Inter-Domain Traceback across the Borders of Network Operation , 2006, 11th IEEE Symposium on Computers and Communications (ISCC'06).

[5]  Jun Li,et al.  Large-scale IP traceback in high-speed Internet: practical techniques and theoretical foundation , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[6]  Henning Schulzrinne,et al.  A denial-of-service-resistant IP traceback approach , 2004, Proceedings. ISCC 2004. Ninth International Symposium on Computers And Communications (IEEE Cat. No.04TH8769).

[7]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[8]  Craig Partridge,et al.  Single-packet IP traceback , 2002, TNET.

[9]  Daniel Massey,et al.  On design and evaluation of "intention-driven" ICMP traceback , 2001, Proceedings Tenth International Conference on Computer Communications and Networks (Cat. No.01EX495).