Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
An algebraic approach to IP traceback
ACM Transactions on Information and System Security (TISSEC)
Edge-to-edge measurement-based distributed network monitoring
Computer Networks: The International Journal of Computer and Telecommunications Networking
Improved algorithms for network topology discovery
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
On detecting service violations and bandwidth theft in QoS network domains
Computer Communications
Defending against flooding-based distributed denial-of-service attacks: a tutorial
IEEE Communications Magazine
IEEE Communications Magazine
Intrusion Detection Routers: Design, Implementation and Evaluation Using an Experimental Testbed
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
IP-spoofed DDoS attack is a serious security problem in Internet. Thus, an IP traceback approach is essential. In this paper, a fast IP traceback approach (FTA) based on network statistic analysis is proposed. By maintaining the Branch Label Table (BLT) which contains some network statistics in edge routers, the time of IP traceback procedure is efficiently reduced. In addition, an adaptive packet filter is proposed to mitigate the DDoS attacks. The packet drop rate adapts to the location of DDoS attackers and the queue length. Finally, ns-2 simulation is conducted to evaluate FTA. The simulation results show FTA substantially accelerates IP traceback procedure. Moreover, the proposed adaptive packet filter efficiently mitigates the DDoS attacks.