Title :
A real-time traceback scheme for DDoS attacks
Author :
Huang, Changlai ; Li, Ming ; Yang, Jianghu ; Gao, Chuanshan
Author_Institution :
Dept. of Comput. Sci. & Eng., Fudan Univ., Shanghai, China
Abstract :
Due to the fact that IP spoofing technique is frequently used, defending distributed denial of service (DDoS) attacks faces extreme difficulty. Recently, several approaches have been proposed for path identification to trace DDoS attacks. However, most of these schemes require very large number of packets to conduct the traceback process, which results in lengthy and complicated procedure. This paper proposes a novel DDoS traceback scheme based on real-time consideration by dividing the tracing process into two steps. In the first step, probabilistic packet marking (PPM) based on autonomous system (AS) (ASPPM) is adopted to determine the attack-originating AS. In the second step, random number packet marking (RNPM) is used to identify the exact origin of the attacks in the specific AS. Compared with previous schemes, the two-step traceback scheme has the benefits of quick convergence speed, light computational overhead and low false positive, hence making it possible to trace the DDoS source on a real-time basis.
Keywords :
IP networks; telecommunication security; telecommunication services; IP spoofing technique; autonomous system; computational overhead; probabilistic packet marking; random number packet marking; real-time distributed denial of service traceback scheme; Computer crime; Computer science; Control systems; Convergence; Internet; Network topology; Performance analysis; Protocols; Real time systems; Security;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2005. Proceedings. 2005 International Conference on
Print_ISBN :
0-7803-9335-X
DOI :
10.1109/WCNM.2005.1544263
