Title :
Deterministic packet marking based on the coordination of border gateways
Author :
Li Yonghui ; Yulong, Wang ; Fangchun, Yang ; Sen, Su ; Dong, Yan
Author_Institution :
State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
Mainly aiming at tracing DoS and DDoS attack, the current IP traceback methods has not yet had a good scheme for tracing single packet attack; and most of them enable the marking routers to mark the packet independently, regardless of making the marking routers work together to improve the traceback performance. In view of these insufficiencies, we propose a traceback method named CDPM which is based on the coordination of border gateways. CDPM can identify the forged path information and adjust the marking strategy dynamically so as to reduce the impact on the network and trace different types of attacks (DoS, DDoS, single packet attack and so on). Finally, simulation results show that CDPM is able to reconstruct the attack path as well as own good feasibility and little influence on the end-to-end delay of IP packet.
Keywords :
IP networks; Internet; computer network security; telecommunication network routing; CDPM; DDoS attack; DoS attack; IP traceback methods; border gateways coordination; deterministic packet marking; marking routers; Active appearance model; Computer crime; Computer networks; Computer science education; Educational technology; Electronic mail; Laboratories; Packet switching; Telecommunication computing; Telecommunication switching; IP traceback; border gateway; denial of service; deterministic packet marking; distributed denial of service;
Conference_Titel :
Education Technology and Computer (ICETC), 2010 2nd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-6367-1
DOI :
10.1109/ICETC.2010.5529413
