Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Analysis of the autonomous system network topology
ACM SIGCOMM Computer Communication Review
GOSSIB vs. IP Traceback Rumors
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
An implementation of a hierarchical IP traceback architecture
SAINT-W '03 Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops)
Internet connectivity at the AS-level: an optimization-driven modeling approach
MoMeTools '03 Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research
Authenticated Autonomous System Traceback
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
A DoS-limiting network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Hi-index | 0.00 |
Distributed Denial of Service (DDoS) attacks have recently emerged as one of the most potent, if not the greatest, weaknesses of the internet. Previous solutions for this problem try to traceback to the exact origin of the attack by requiring the participation of all routers. For many reasons this requirement is impractical. In the presence of non-participating routers most of the proposed schemes either fail in reconstructing the attack path or end up with an approximate location of the attacker. We propose Scalable Traceback (ST), an approach based on autonomous systems, to address this issue. ST has significant improvements over other works in several dimensions: (1) with just a few tens of packets, ST enables the victim to reconstruct the attack graph, an improvement of two to three orders of magnitude when compared to previous schemes; (2) ST scales to large distributed attacks with thousands of attacks; (3) the reconstruction takes only tens of seconds; (4) ST performs well even in the presence of legacy routers.