Title :
Tabu marking scheme for IP traceback
Author_Institution :
Inst. for Infocomm Res., Singapore
Abstract :
The IP traceback is an attractive mechanism in defending against distributed denial-of-service (DDoS) attacks. In this paper we propose a new probabilistic packet marking (PPM) scheme for IP traceback, tabu marking scheme (TMS). In this scheme a router regards a packet marked by an upstream router as a tabu and does not mark it again. Furthermore we derive a new analytical result on the partial coupon collection problem for convergence analysis. Numerical results show that TMS significantly reduces the convergence time under DDoS attacks, as compared with previous PPM schemes that allow overwriting. TMS also ensures the authentication of the routers´ markings.
Keywords :
IP networks; Internet; message authentication; probability; quality of service; search problems; telecommunication network routing; telecommunication security; IP traceback; distributed denial-of-service attack; message authentication; network router; probabilistic packet marking scheme; tabu marking scheme; Authentication; Computer crime; Convergence of numerical methods; Encoding; Filtering; Internet; Large-scale systems; Network topology; Polynomials; Sampling methods;
Conference_Titel :
Parallel and Distributed Processing Symposium, 2005. Proceedings. 19th IEEE International
Print_ISBN :
0-7695-2312-9
DOI :
10.1109/IPDPS.2005.421
