Title :
Coloring the Internet: IP traceback
Author :
Muthuprasanna, M. ; Manimaran, G. ; Alicherry, Mansoor ; Kumar, Vijay
Author_Institution :
Iowa State Univ., Ames, IA
Abstract :
Several IP traceback schemes employing packet marking have been proposed to trace DoS/DDoS attacks that use source address spoofing. The major challenges in the design of an efficient traceback technique are to minimize the number of packets required for successful traceback, and also to reduce the number of bits marked per packet by any router along the attack path. We propose a graph-coloring approach here that specifically addresses these issues. We propose to view the deployment of the traceback-enabled routers as an Internet traceback overlay network, which not only provides easy scalability and incremental deployment, but also allows for the spatial reuse of the router labels used for packet marking, directly resulting in a reduced bit-space, and hence in fewer packets required for successful traceback. We additionally propose an enhanced (logical) partitioned coloring technique to achieve an order of magnitude improvement over the best known schemes today. We also propose a 2-tier architecture that provides greater incentives for deployment to different ISP networks worldwide. We analyze the proposed techniques using real Internet AS-level topologies obtained from various sources
Keywords :
Internet; graph colouring; telecommunication network routing; telecommunication security; DDoS attack tracing; DoS attack tracing; IP traceback; Internet traceback overlay network; graph-coloring; logical partitioned coloring; packet marking; Computer crime; Environmental economics; IP networks; Internet; Network servers; Network topology; Routing; Scalability; Service oriented architecture; Web server;
Conference_Titel :
Parallel and Distributed Systems, 2006. ICPADS 2006. 12th International Conference on
Conference_Location :
Minneapolis, MN
Print_ISBN :
0-7695-2612-8
DOI :
10.1109/ICPADS.2006.31
