A new scheme for IP traceback under DoS attack

Author

Hai-tao, Llan ; Liu-sheng, Huang ; Yun-fei, Lei ; Guo-liang, Chen

Author_Institution

Dept. of Comput. Sci. & Technol., Univ. of Sci. & Technol. of China, China

fYear

2003

fDate

27-29 Aug. 2003

Firstpage

189

Lastpage

193

Abstract

The problem of identifying the sources of a denial of service attack is among the hardest in the Internet security area, since attackers often use spoofed source IP addresses. We present a new scheme called MAC-based probabilistic packet marking (MPPM) for IP traceback under DoS attack. A router marks the packets stochastically with fragments of an edge composed of itself and the next hop router. Message authentication code (MAC) is used to link and authenticate fragments of routers´ addresses in the marked attack packets. The main advantage of MPPM over known PPM schemes includes less attack packets required to converge, linear computation overhead and more precision. Moreover the optional authentication mechanism provides robustness against faked marks. MPPM also features low router cost and supports incremental deployment.

Keywords

IP networks; Internet; computer crime; message authentication; probability; telecommunication network routing; telecommunication security; telecommunication services; DDoS attack; IP traceback; Internet security; MAC; MAC-based probabilistic packet marking; MPPM; distributed denial of service attack; message authentication code; spoofed source IP address; Bandwidth; Computer crime; Computer science; Computer security; Costs; Filtering; Message authentication; Power system security; Robustness; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Parallel and Distributed Computing, Applications and Technologies, 2003. PDCAT'2003. Proceedings of the Fourth International Conference on

Print_ISBN

0-7803-7840-7

Type

conf

DOI

10.1109/PDCAT.2003.1236285

Filename

1236285