A Fast Deterministic Packet Marking Scheme for IP Traceback

被引：1

作者：

Wang Xiao-jing ^{[1
]}

Hu Chang-zhen ^{[1
]}

Hu He ^{[1
]}

机构：

[1] Beijing Inst Technol, Lab Comp Network Def Technol, Beijing 100081, Peoples R China

来源：

MINES 2009: FIRST INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY, VOL 2, PROCEEDINGS | 2009年

关键词：

network security; distributed denial of service; IP traceback; deterministic packet marking;

D O I：

10.1109/MINES.2009.200

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

A Fast Deterministic Packet Marking scheme (FDPM) for IP traceback against distributed denial of service attacks is presented, which applies a novel marking algorithm and significantly improves IP traceback in two aspects: (1) the victim doesn't need to accommodate fragments for recovery, so it needs several packets to identify an ingress router with lower false positives; (2) FDPM can scales to large distributed attacks with thousands of attackers. Theoretical analysis and the pseudo code are provided. Compared with previous DPM schemes, average convergence time of FDPM decreased by 86.3% packets or even more. Therefore FDPM is more efficient and represents a step forward in performance.

引用

页码：526 / 529

页数：4

共 9 条

[1] [Anonymous], 1968, An introduction to probability theory and its applications
[2] Accommodating fragmentation in deterministic packet marking for IP traceback
Belenky, A
Ansari, N
[J]. GLOBECOM'03: IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1-7, 2003, : 1374 - 1378
[3] Belenky A, 2003, 2003 IEEE PACIFIC RIM CONFERENCE ON COMMUNICATIONS, COMPUTERS, AND SIGNAL PROCESSING, VOLS 1 AND 2, CONFERENCE PROCEEDINGS, P49
[4] IP traceback with deterministic packet marking
Belenky, A
Ansari, N
[J]. IEEE COMMUNICATIONS LETTERS, 2003, 7 (04) : 162 - 164
[5] BIRTHDAY PARADOX, COUPON COLLECTORS, CACHING ALGORITHMS AND SELF-ORGANIZING SEARCH
FLAJOLET, P
GARDY, D
THIMONIER, L
[J]. DISCRETE APPLIED MATHEMATICS, 1992, 39 (03) : 207 - 229
[6] Tracing cyber attacks from the practical perspective
Gao, ZQ
Ansari, N
[J]. IEEE COMMUNICATIONS MAGAZINE, 2005, 43 (05) : 123 - 131
[7] Deterministic packet marking based on redundant decomposition for IP traceback
Jin, Guang
Yang, Jiangang
[J]. IEEE COMMUNICATIONS LETTERS, 2006, 10 (03) : 204 - 206
[8] Song DXD, 2001, IEEE INFOCOM SER, P878, DOI 10.1109/INFCOM.2001.916279
[9] Yaar A, 2005, IEEE INFOCOM SER, P1395

← 1 →