Hardware support for a hash-based IP traceback

The Source Path Isolation Engine (SPIE) is a system capable of tracing a single IP packet to its point of origin or point of ingress into a network. SPIE supports tracing by scoring a few bits of unique information about each packet for a period of time as the packets traverse the network. Software implementations of SPIE can trace packets through networks comprised of slow-to-medium speed routers (up to OC-12), but higher-speed routers (OC-48 and faster) require hardware support. In this paper, we discuss these hardware design aspects of SPIE. Most of the hardware resides in a self-contained SPIE processing unit, which may be implemented in a line card form factor for insertion into the router itself or as a stand-alone unit that connects to the router through an external interface.

[1]  Craig Partridge,et al.  Performance of checksums and CRCs over real data , 1995, SIGCOMM '95.

[2]  David L. Mills,et al.  Network Time Protocol (Version 3) Specification, Implementation and Analysis , 1992, RFC.

[3]  Anna R. Karlin,et al.  Practical network support for IP traceback , 2000, SIGCOMM.

[4]  Dan Schnackenberg,et al.  Infrastructure for intrusion detection and response , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[5]  Proceedings DARPA Information Survivability Conference and Exposition , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[6]  Yakov Rekhter,et al.  Address Allocation for Private Internets , 1994, RFC.

[7]  Robert Stone,et al.  CenterTrack: An IP Overlay Network for Tracking DoS Floods , 2000, USENIX Security Symposium.

[8]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[9]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[10]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[11]  Anna R. Karlin,et al.  Practical network support for IP traceback , 2000, SIGCOMM.

[12]  Craig Partridge,et al.  Hash-based IP traceback , 2001, SIGCOMM.

[13]  Bill Cheswick,et al.  Tracing Anonymous Packets to Their Approximate Source , 2000, LISA.

[14]  Craig Partridge,et al.  Performance of checksums and CRC's over real data , 1998, IEEE/ACM Trans. Netw..

[15]  Alex C. Snoeren,et al.  Hash-based IP traceback , 2001, SIGCOMM '01.