A Fractional-Step DDoS Attack Source Traceback Algorithm Based on Autonomous System

Author

Zhaoyang Qu ; Chunfeng Huang

Author_Institution

Sch. of Inf. Eng., Northeast Dianli Univ., Jilin

fYear

2008

fDate

15-17 Aug. 2008

Firstpage

1383

Lastpage

1387

Abstract

This paper proposes a fractional-step algorithm based on autonomous system(AS) to trace distributed denial of service(DDoS) attack source by dividing the tracing process into two steps. In the first step, Deterministic Packet Marking based on AS(ASDPM) is adopted to determine the attack-originating AS. In the second step, non-repeated probabilistic packet marking(NRPPM) is used to identify the exact origin of the attacks in the specific AS. Compared with previous algorithms, the two-step traceback algorithm has the benefits of low bandwidth consumption, quick convergence speed, light computational overhead and low false positive, it can decrease the number of packets the path reconstruction needs, and increase the efficiency of path reconstruction, hence making it possible to trace the DDoS attack source on a real-time basis.

Keywords

Internet; security of data; DDoS attack source traceback algorithm; autonomous system; deterministic packet marking; distributed denial of service attack; fractional-step algorithm; light computational overhead; low bandwidth consumption; low false positive; nonrepeated probabilistic packet marking; path reconstruction; quick convergence speed; tracing process; Bandwidth; Cities and towns; Computer crime; Convergence; Electronic mail; Encoding; Internet; Multimedia systems; Signal processing algorithms; Telecommunication traffic; AS; DDoS Attack; IP Traceback; Packet Marking;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Information Hiding and Multimedia Signal Processing, 2008. IIHMSP '08 International Conference on

Conference_Location

Harbin

Print_ISBN

978-0-7695-3278-3

Type

conf

DOI

10.1109/IIH-MSP.2008.61

Filename

4604300