Probabilistic packet marking for large-scale IP traceback

Authors:
Michael T. Goodrich
Affiliations:
Department of Computer Science, University of California, Irvine, CA
Venue:
IEEE/ACM Transactions on Networking (TON)
Year:
2008

Citing 9
Cited 4

Randomized algorithms

Randomized algorithms
Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Hash-based IP traceback

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Efficient packet marking for large-scale IP traceback

Proceedings of the 9th ACM conference on Computer and communications security
Tracing Network Attacks to Their Sources

IEEE Internet Computing
Persistent Authenticated Dictionaries and Their Applications

ISC '01 Proceedings of the 4th International Conference on Information Security
Tracing Anonymous Packets to Their Approximate Source

LISA '00 Proceedings of the 14th USENIX conference on System administration
You Can Run, But You Can't Hide: An Effective Statistical Methodology to Trace Back DDoS Attackers

IEEE Transactions on Parallel and Distributed Systems
Centertrack: an IP overlay network for tracking DoS floods

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9

Security management with scalable distributed IP traceback

IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Demonstration experiments towards practical IP traceback on the internet

CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference
Service Violation Monitoring Model for Detecting and Tracing Bandwidth Abuse

Journal of Network and Systems Management
A confidence-based filtering method for DDoS attack defense in cloud environment

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents an approach to IP traceback based on the probabilistic packet marking paradigm. Our approach, which we call randomize-and-link, uses large checksum cords to "link" message fragments in a way that is highly scalable, for the checksums serve both as associative addresses and data integrity verifiers. The main advantage of these checksum cords is that they spread the addresses of possible router messages across a spectrum that is too large for the attacker to easily create messages that collide with legitimate messages.