An IP traceback technique against denial-of-service attacks

Reflector attack [Vern Paxson (2001)] belongs to one of the most serious types of denial-of-service (DoS) attacks, which can hardly be traced by contemporary traceback techniques, since the marked information written by any routers between the attacker and the reflectors will be lost in the replied packets from the reflectors. We propose a reflective algebraic marking scheme for tracing DoS and DDoS attacks, as well as reflector attacks. The proposed marking scheme contains three algorithms, namely the marking, reflection and reconstruction algorithms, which have been well tested through extensive simulation experiments. The results show that the marking scheme can achieve a high performance in tracing the sources of the potential attack packets. In addition, it produces negligible false positives; whereas other current methods usually produce a certain amount of false positives.