• DocumentCode
    2897738
  • Title

    A Fast Deterministic Packet Marking Scheme for IP Traceback

  • Author

    Wang Xiao-jing ; Hu Chang-zhen ; Hu He

  • Author_Institution
    Lab. of Comput. Network Defense Technol., Beijing Inst. of Technol., Beijing, China
  • Volume
    2
  • fYear
    2009
  • fDate
    18-20 Nov. 2009
  • Firstpage
    526
  • Lastpage
    529
  • Abstract
    A fast deterministic packet marking scheme (FDPM) for IP traceback against distributed denial of service attacks is presented, which applies a novel marking algorithm and significantly improves IP traceback in two aspects: (1) the victim doesn´t need to accommodate fragments for recovery, so it needs several packets to identify an ingress router with lower false positives; (2) FDPM can scales to large distributed attacks with thousands of attackers. Theoretical analysis and the pseudo code are provided. Compared with previous DPM schemes, average convergence time of FDPM decreased by 86.3% packets or even more. Therefore FDPM is more efficient and represents a step forward in performance.
  • Keywords
    IP networks; security of data; telecommunication network routing; IP traceback; distributed attacks; distributed denial of service attacks; fast deterministic packet marking scheme; ingress router; pseudo code; Computer crime; Computer networks; Computer security; Convergence; Data mining; Forensics; Information security; Internet; Large-scale systems; Law enforcement; IP traceback; deterministic packet marking; distributed denial of service; network security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Multimedia Information Networking and Security, 2009. MINES '09. International Conference on
  • Conference_Location
    Hubei
  • Print_ISBN
    978-0-7695-3843-3
  • Electronic_ISBN
    978-1-4244-5068-8
  • Type

    conf

  • DOI
    10.1109/MINES.2009.200
  • Filename
    5368311
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2897738