Title :
NISp1-05: RIM: Router Interface Marking for IP Traceback
Author :
Chen, Ruiliang ; Park, Jung-Min ; Marchany, Randolph
Author_Institution :
Lab. for Adv. Res. in Inf. Assurance & Security, Virginia Polytech. Inst. & State Univ., Blacksburg, VA
fDate :
Nov. 27 2006-Dec. 1 2006
Abstract :
Distributed Denial-of-Service (DDoS) attacks have become a major threat to the Internet. As a countermeasure against DDoS attacks, IP traceback schemes identify the network paths the attack traffic traverses. This paper presents a novel IP traceback scheme called Router Interface Marking (RIM). In RIM, a router probabilistically marks packets with a router interface´s identifier. After collecting the packets marked by each router in an attack path, a victim machine can use the information in the marked packets to trace back to the attack source. Different from most existing IP traceback schemes, RIM marks packets with the information of router interfaces rather than that of router IP addresses. This difference endows RIM with several advantageous features, including fast traceback speed, last-hop traceback capability, small computation overhead, low occurrence of false positives, and enhanced security.
Keywords :
IP networks; Internet; routing protocols; telecommunication security; IP traceback; Internet; RIM; distributed denial-of-service attack; router interface marking scheme; Computer crime; Computer interfaces; Computer networks; Computer security; Filtering; Information security; Information technology; Internet; Laboratories; Secure storage;
Conference_Titel :
Global Telecommunications Conference, 2006. GLOBECOM '06. IEEE
Conference_Location :
San Francisco, CA
Print_ISBN :
1-4244-0356-1
Electronic_ISBN :
1930-529X
DOI :
10.1109/GLOCOM.2006.312
