Service Violation Monitoring Model for Detecting and Tracing Bandwidth Abuse
Journal of Network and Systems Management
| Hi-index | 0.00 |
This paper proposes a fractional-step algorithm based on Autonomous System(AS) to trace Distributed Denial of Service (DDoS) attack source by dividing the tracing process into two steps. In the first step, Deterministic Packet Marking based on AS (ASDPM) is adopted to determine the attack-originating AS. In the second step, Non-repeated Probabilistic Packet Marking(NRPPM) is used to identify the exact origin of the attacks in the specific AS. Compared with previous algorithms, the two-step traceback algorithm has the benefits of low bandwidth consumption, quick convergence speed, light computational overhead and low false positive, it can decrease the number of packets the path reconstruction needs, and increase the efficiency of path reconstruction, hence making it possible to trace the DDoS attack source on a real-time basis.