Advanced Packet Marking Mechanism with Pushback for IP Traceback

Distributed Denial-of-Service(DDoS) attack can be done by generating a large volume of traffic through spoofing the IP address of the target system. In response to such attacks, IP traceback technology has been proposed. The method identifies the source of a DDoS attack and restructures the path on the network through which the attacking packet has been transmitted. Existing traceback techniques marked path information on packets or generated separate traceback messages but they increase network load and cannot cope with DDoS attacks actively because they generate traceback information for arbitrary packets without identifying DDoS attacks. Thus this study proposed an improved marking technique that identifies DDoS traffics at routers by applying the pushback function and cope with DDoS attack packets efficiently. According to the result of experiments, the proposed technique reduced network load and improved traceback performance.

[1]  Stephen E. Deering,et al.  Internet Protocol, Version 6 (IPv6) Specification , 1995, RFC.

[2]  Shigeyuki Matsuda,et al.  Tracing Network Attacks to Their Sources , 2002, IEEE Internet Comput..

[3]  Paul Ferguson,et al.  Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.

[4]  Steven M. Bellovin,et al.  ICMP Traceback Messages , 2003 .

[5]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[6]  Heejo Lee,et al.  On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[7]  Lee Garber,et al.  Denial-of-Service Attacks Rip the Internet , 2000, Computer.

[8]  Nirwan Ansari,et al.  On IP traceback , 2003, IEEE Commun. Mag..