Title :
Topology based packet marking
Author :
Al-Duwairi, Basheer ; Daniels, Thomas E.
Author_Institution :
Dept. of Electr. & Comput. Eng., Iowa State Univ., Ames, IA
Abstract :
Recently, several schemes have been proposed for IP traffic source identification for tracing attacks that employ source address spoofing such as denial of service (DoS) attacks. Most of these schemes are based on packet marking (i.e., augmenting IP packets with partial path information). A major challenge to packet marking schemes is the limited space available in the IP header for marking purposes. In this paper, we focus on this issue and propose a topology based encoding schemes supported by real Internet measurements. In particular, we propose an idealized deterministic edge append scheme in which we assume that the IP header can be modified to include the marking option field of fixed size. Also, we propose a deterministic pipelined packet marking scheme that is backward compatible with IPv4 (i.e., no IP header modification). The validity of both schemes depends directly on the statistical information that we extract from large data sets that represent Internet maps. Our studies show that it is possible to encode an entire path using 52 bits
Keywords :
IP networks; Internet; encoding; telecommunication network topology; telecommunication services; IP traffic source identification; Internet; denial of service attack; deterministic edge append scheme; deterministic pipelined packet marking scheme; encoding scheme; source address spoofing; topology based packet marking; Computer crime; Data mining; Encoding; IP networks; Internet; Invasive software; Network topology; Pressing; Resource management; Security;
Conference_Titel :
Computer Communications and Networks, 2004. ICCCN 2004. Proceedings. 13th International Conference on
Conference_Location :
Chicago, IL
Print_ISBN :
0-7803-8814-3
DOI :
10.1109/ICCCN.2004.1401609
