Trust based traffic monitoring approach for preventing denial of service attacks
Proceedings of the 2nd international conference on Security of information and networks
Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks
Journal of Network and Computer Applications
Application of IP traceback mechanism to onlinevoting system
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
A secure packet marking scheme for IP traceback in IPv6
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Service Violation Monitoring Model for Detecting and Tracing Bandwidth Abuse
Journal of Network and Systems Management
Robust network traffic identification with unknown applications
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
A confidence-based filtering method for DDoS attack defense in cloud environment
Future Generation Computer Systems
Bionic Autonomic Nervous Systems for Self-Defense against DoS, Spyware, Malware, Virus, and Fishing
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Hi-index | 0.00 |
IP traceback is the enabling technology to control Internet crime. In this paper we present a novel and practical IP traceback system called Flexible Deterministic Packet Marking (FDPM) which provides a defense system with the ability to find out the real sources of attacking packets that traverse through the network. While a number of other traceback schemes exist, FDPM provides innovative features to trace the source of IP packets and can obtain better tracing capability than others. In particular, FDPM adopts a flexible mark length strategy to make it compatible to different network environments; it also adaptively changes its marking rate according to the load of the participating router by a flexible flow-based marking scheme. Evaluations on both simulation and real system implementation demonstrate that FDPM requires a moderately small number of packets to complete the traceback process; add little additional load to routers and can trace a large number of sources in one traceback process with low false positive rates. The built-in overload prevention mechanism makes this system capable of achieving a satisfactory traceback result even when the router is heavily loaded. It has been used to not only trace DDoS attacking packets but also enhance filtering attacking traffic.