Title :
A table-driven approach for IP traceback based on network statistic analysis
Author :
Su, Wei-Tsung ; Chuang, Yi-Hsun ; Wu, Zong-Bing ; Kuo, Yau-Hwang
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Aletheia Univ., Taipei
Abstract :
IP-spoofed DDoS attack is a serious security problem in Internet. Thus, an IP traceback approach is essential. In this paper, a fast IP traceback approach (FTA) based on network statistic analysis is proposed. By maintaining the branch label table (BLT) which contains some network statistics in edge routers, the time of IP traceback procedure is efficiently reduced. In addition, an adaptive packet filter is proposed to mitigate the DDoS attacks. The packet drop rate adapts to the location of DDoS attackers and the queue length. Finally, ns-2 simulation is conducted to evaluate FTA. The simulation results show FTA substantially accelerates IP traceback procedure. Moreover, the proposed adaptive packet filter efficiently mitigates the DDoS attacks.
Keywords :
IP networks; Internet; adaptive filters; statistical analysis; telecommunication security; IP traceback approach; IP-spoofed DDoS attack; Internet; adaptive packet filter; branch label table; edge routers; network statistic analysis; ns-2 simulation; queue length; security problem; table-driven approach; Acceleration; Adaptive filters; Computer crime; Computer science; Internet; Monitoring; Phase detection; Statistical analysis; Statistics; US Department of Transportation; DDoS; IP traceback; Packet filter;
Conference_Titel :
Advanced Communication Technology, 2009. ICACT 2009. 11th International Conference on
Conference_Location :
Phoenix Park
Print_ISBN :
978-89-5519-138-7
Electronic_ISBN :
1738-9445
