Toward global Internet services to defend against DDoS by dynamic possibility-based packets marking trace back

Author

Ren, Wei

Author_Institution

Sch. of Inf., Zhongnan Univ. of Econ. & Law, Wuhan, China

Volume

1

fYear

2005

fDate

13-15 June 2005

Firstpage

589

Abstract

DDoS is harmful to the Internet services for its attacking results, such as the service discontinuity, degradation of the quality of service and traffics aggregation. In this paper we give a dynamic possibility-based packet marking scheme for the IP trace back. In this scheme, packets are marked with the different address information, such as AS number or IP address, and together, with the different possibility according to the traffics loads in the router, which does not result in much performance cost. This scheme can help to the attacking path reconstruction, which helps to the traffics filter, traffics analysis, defense of aggregation and network forensics.

Keywords

IP networks; Internet; electronic commerce; packet switching; quality of service; telecommunication network routing; telecommunication security; telecommunication traffic; DDoS; IP trace back; Internet services; network forensics; network security; possibility-based packet marking scheme; quality of service; traffics aggregation; Command and control systems; Computer crime; Costs; Degradation; Face detection; Information filtering; Information filters; Quality of service; Telecommunication traffic; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Services Systems and Services Management, 2005. Proceedings of ICSSSM '05. 2005 International Conference on

Print_ISBN

0-7803-8971-9

Type

conf

DOI

10.1109/ICSSSM.2005.1499540

Filename

1499540