End-to-end internet packet dynamics
IEEE/ACM Transactions on Networking (TON)
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Trajectory sampling for direct traffic observation
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
LFSR-based Hashing and Authentication
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
MMH: Software Message Authentication in the Gbit/Second Rates
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Tradeoffs in probabilistic packet marking for IP traceback
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Hop integrity in computer networks
IEEE/ACM Transactions on Networking (TON)
IEEE/ACM Transactions on Networking (TON)
Efficient packet marking for large-scale IP traceback
Proceedings of the 9th ACM conference on Computer and communications security
Query-flood DoS attacks in gnutella
Proceedings of the 9th ACM conference on Computer and communications security
Measuring ISP topologies with rocketfuel
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Lightweight network support for scalable end-to-end services
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Sustaining Availability of Web Services under Distributed Denial of Service Attacks
IEEE Transactions on Computers
An Evaluation of Different IP Traceback Approaches
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Providing Process Origin Information to Aid in Network Traceback
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Adjusted Probabilistic Packet Marking for IP Traceback
NETWORKING '02 Proceedings of the Second International IFIP-TC6 Networking Conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; and Mobile and Wireless Communications
Internet intrusions: global characteristics and prevalence
SIGMETRICS '03 Proceedings of the 2003 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
The effectiveness of request redirection on CDN robustness
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
A Path Information Caching and Aggregation Approach to Traffic Source Identification
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Considering processing cost in network simulations
MoMeTools '03 Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research
User-level internet path diagnosis
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Hop-count filtering: an effective defense against spoofed DDoS traffic
Proceedings of the 10th ACM conference on Computer and communications security
Distributed Management Architecture for Cooperative Detection and Reaction to DDoS Attacks
Journal of Network and Systems Management
Preventing Internet denial-of-service with capabilities
ACM SIGCOMM Computer Communication Review
Measuring ISP topologies with rocketfuel
IEEE/ACM Transactions on Networking (TON)
The Bloomier filter: an efficient data structure for static support lookup tables
SODA '04 Proceedings of the fifteenth annual ACM-SIAM symposium on Discrete algorithms
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
The session token protocol for forensics and traceback
ACM Transactions on Information and System Security (TISSEC)
Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks
Journal of Systems and Software - Special issue: Performance modeling and analysis of computer systems and networks
Payload attribution via hierarchical bloom filters
Proceedings of the 11th ACM conference on Computer and communications security
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
Scalable multicast based filtering and tracing framework for defeating distributed DoS attacks
International Journal of Network Management
Distinguishing between single and multi-source attacks using signal processing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
An Extensible Platform for Evaluating Security Protocols
ANSS '05 Proceedings of the 38th annual Symposium on Simulation
Adaptive Distributed Traffic Control Service for DDoS Attack Mitigation
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Tabu Marking Scheme for IP Traceback
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Trade-offs in probabilistic packet marking for IP traceback
Journal of the ACM (JACM)
The effectiveness of request redirection on CDN robustness
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Data streaming algorithms for accurate and efficient measurement of traffic and flow matrices
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Providing process origin information to aid in computer forensic investigations
Journal of Computer Security
You Can Run, But You Can't Hide: An Effective Statistical Methodology to Trace Back DDoS Attackers
IEEE Transactions on Parallel and Distributed Systems
A DoS-limiting network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Towards an evolvable internet architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Hotspot-based traceback for mobile ad hoc networks
Proceedings of the 4th ACM workshop on Wireless security
Flash crowd mitigation via adaptive admission control based on application-level observations
ACM Transactions on Internet Technology (TOIT)
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
An internet routing forensics framework for discovering rules of abnormal BGP events
ACM SIGCOMM Computer Communication Review
Monitoring the Macroscopic Effect of DDoS Flooding Attacks
IEEE Transactions on Dependable and Secure Computing
Tracking anonymous peer-to-peer VoIP calls on the internet
Proceedings of the 12th ACM conference on Computer and communications security
CAPTRA: coordinated packet traceback
Proceedings of the 5th international conference on Information processing in sensor networks
Novel Hybrid Schemes Employing Packet Marking and Logging for IP Traceback
IEEE Transactions on Parallel and Distributed Systems
Performance Models for Network Processor Design
IEEE Transactions on Parallel and Distributed Systems
A novel approach to detecting DDoS Attacks at an Early Stage
The Journal of Supercomputing
Fast statistical spam filter by approximate classifications
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
A survivable DoS-resistant overlay network
Computer Networks: The International Journal of Computer and Telecommunications Networking
Coloring the Internet: IP Traceback
ICPADS '06 Proceedings of the 12th International Conference on Parallel and Distributed Systems - Volume 1
Host mobility using an internet indirection infrastructure
Wireless Networks
Distributed mechanism in detecting and defending against the low-rate TCP attack
Computer Networks: The International Journal of Computer and Telecommunications Networking
Approximate encoding for direct access and query processing over compressed bitmaps
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
One step ahead to multisensor data fusion for DDoS detection
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Attacker traceback with cross-layer monitoring in wireless multi-hop networks
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
Host Mobility Using an Internet Indirection Infrastructure
Proceedings of the 1st international conference on Mobile systems, applications and services
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
Low-rate TCP-targeted denial of service attacks and counter strategies
IEEE/ACM Transactions on Networking (TON)
Tabu marking scheme to speedup IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Non-intrusive IP traceback for DDoS attacks
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Stateful DDoS attacks and targeted filtering
Journal of Network and Computer Applications
Enhanced Internet security by a distributed traffic control service based on traffic ownership
Journal of Network and Computer Applications
An edge-to-edge filtering architecture against DoS
ACM SIGCOMM Computer Communication Review
Defense against spoofed IP traffic using hop-count filtering
IEEE/ACM Transactions on Networking (TON)
Computer Networks: The International Journal of Computer and Telecommunications Networking
A global marking scheme for tracing cyber attacks
Proceedings of the 2007 ACM symposium on Applied computing
Attrition defenses for a peer-to-peer digital preservation system
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
The spoofer project: inferring the extent of source address filtering on the internet
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Efficient and secure source authentication with packet passports
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
A Divide-and-Conquer Strategy for Thwarting Distributed Denial-of-Service Attacks
IEEE Transactions on Parallel and Distributed Systems
AID: A global anti-DoS service
Computer Networks: The International Journal of Computer and Telecommunications Networking
A network mitigation system against distributed denial of service: a linux-based prototype
IMSA'07 IASTED European Conference on Proceedings of the IASTED European Conference: internet and multimedia systems and applications
Performance analysis of probabilistic packet marking in IPv6
Computer Communications
Highly efficient techniques for network forensics
Proceedings of the 14th ACM conference on Computer and communications security
Journal of Parallel and Distributed Computing
Scalable traceback against distributed denial of service
International Journal of Web and Grid Services
International Journal of Security and Networks
Vulnerabilities in distance-indexed IP traceback schemes
International Journal of Security and Networks
International Journal of Security and Networks
SRUTI'07 Proceedings of the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet
Packet forwarding with source verification
Computer Networks: The International Journal of Computer and Telecommunications Networking
A general model of probabilistic packet marking for IP traceback
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Probabilistic packet marking for large-scale IP traceback
IEEE/ACM Transactions on Networking (TON)
Passport: secure and adoptable source authentication
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
To filter or to authorize: network-layer DoS defense against multimillion-node botnets
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Detecting DRDoS attacks by a simple response packet confirmation mechanism
Computer Communications
An Authentication Based Source Address Spoofing Prevention Method Deployed in IPv6 Edge Network
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part IV: ICCS 2007
An Integrated Solution for Policy Filtering and Traffic Anomaly Detection
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
IP Traceback Using Digital Watermark and Honeypot
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
A First Step towards Live Botmaster Traceback
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification
WSEAS Transactions on Computers
Fast autonomous system traceback
Journal of Network and Computer Applications
TVA: a DoS-limiting network architecture
IEEE/ACM Transactions on Networking (TON)
Host-based traceback; tracking bot and C&C server
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
Adaptive Bloom Filter: A Space-Efficient Counting Algorithm for Unpredictable Network Traffic
IEICE - Transactions on Information and Systems
A Novel Marking Probability Distribution Using Probability Propagation in Hierarchical WSN
Information Security and Cryptology
Packet doppler: network monitoring using packet shift detection
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
A prediction-based detection algorithm against distributed denial-of-service attacks
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
De-anonymizing the internet using unreliable IDs
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
A TCAM-based solution for integrated traffic anomaly detection and policy filtering
Computer Communications
A2M: Access-Assured Mobile Desktop Computing
ISC '09 Proceedings of the 12th International Conference on Information Security
Understanding the efficacy of deployed internet source address validation filtering
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Distributed packet pairing for reflector based DDoS attack mitigation
Computer Communications
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
A survivable DoS-resistant overlay network
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of network processing workloads
Journal of Systems Architecture: the EUROMICRO Journal
IP traceback based on Chinese Remainder Theorem
CIIT '07 The Sixth IASTED International Conference on Communications, Internet, and Information Technology
A network mitigation system against distributed denial of service: a Linux-based prototype
EurolMSA '07 Proceedings of the Third IASTED European Conference on Internet and Multimedia Systems and Applications
New payload attribution methods for network forensic investigations
ACM Transactions on Information and System Security (TISSEC)
A table-driven approach for IP traceback based on network statistic analysis
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 3
NetReplay: a new network primitive
ACM SIGMETRICS Performance Evaluation Review
The sisterhood of the traveling packets
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
A master-slave recommended credibility model in mobile P2P based on chord
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Unified defense against DDoS attacks
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Reconstruction of malicious internet flows
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
A survey of IP traceback mechanisms to overcome denial-of-service attacks
ICNVS'10 Proceedings of the 12th international conference on Networking, VLSI and signal processing
Demonstration experiments towards practical IP traceback on the internet
CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference
Multi-hop packet tracking for experimental facilities
Proceedings of the ACM SIGCOMM 2010 conference
Cardinality estimation and dynamic length adaptation for Bloom filters
Distributed and Parallel Databases
Honeypot back-propagation for mitigating spoofing distributed denial-of-service attacks
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
dfence: transparent network-based denial of service mitigation
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
IP trace back techniques to ferret out denial of service attack source
ISP'07 Proceedings of the 6th WSEAS international conference on Information security and privacy
A new and comprehensive taxonomy of DDoS attacks and defense mechanism
ISP'07 Proceedings of the 6th WSEAS international conference on Information security and privacy
ICCOMP'10 Proceedings of the 14th WSEAS international conference on Computers: part of the 14th WSEAS CSCC multiconference - Volume I
Distributed denial of service attack detection using an ensemble of neural classifier
Computer Communications
Traceback in wireless sensor networks with packet marking and logging
Frontiers of Computer Science in China
Toward a framework for forensic analysis of scanning worms
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Improved technique of IP address fragmentation strategies for dos attack traceback
CSR'06 Proceedings of the First international computer science conference on Theory and Applications
Efficient and beneficial defense against DDoS direct attack and reflector attack
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
AAIM'06 Proceedings of the Second international conference on Algorithmic Aspects in Information and Management
A novel architecture for detecting and defending against flooding-based DDoS attacks
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Detecting SYN flooding attacks near innocent side
MSN'05 Proceedings of the First international conference on Mobile Ad-hoc and Sensor Networks
Formal analysis and improvement of the state transition model for intrusion tolerant system
WINE'05 Proceedings of the First international conference on Internet and Network Economics
A novel technique for detecting DDoS attacks at its early stage
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
A dynamic path identification mechanism to defend against DDoS attacks
ICOIN'05 Proceedings of the 2005 international conference on Information Networking: convergence in broadband and mobile networking
An adaptive edge marking based hierarchical IP traceback system
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
An intelligent approach of packet marking at edge router for IP traceback
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
gore: routing-assisted defense against DDoS attacks
ISC'05 Proceedings of the 8th international conference on Information Security
Interval-based flow watermarking for tracing interactive traffic
Computer Networks: The International Journal of Computer and Telecommunications Networking
LOT: A Defense Against IP Spoofing and Flooding Attacks
ACM Transactions on Information and System Security (TISSEC)
Collaborative scheme for VoIP traceback
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Joining the Dots: Joining the dots
Network Security
A functional reference model of passive systems for tracing network traffic
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Where is the debugger for my software-defined network?
Proceedings of the first workshop on Hot topics in software defined networks
An incrementally deployable path address scheme
Journal of Parallel and Distributed Computing
Optimizing hash function number for BF-Based object locating algorithm
ICSI'12 Proceedings of the Third international conference on Advances in Swarm Intelligence - Volume Part II
Collaborative anomaly-based attack detection
IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
Space-efficient structures for detecting port scans
DEXA'07 Proceedings of the 18th international conference on Database and Expert Systems Applications
Duplicate detection in pay-per-click streams using temporal stateful Bloom filters
International Journal of Data Analysis Techniques and Strategies
AK-PPM: an authenticated packet attribution scheme for mobile ad hoc networks
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
A novel hybrid IP traceback scheme with packet counters
IDCS'12 Proceedings of the 5th international conference on Internet and Distributed Computing Systems
International Journal of Information Security and Privacy
COSMO - emulation of internet traffic: poster abstract
Proceedings of the 6th International ICST Conference on Simulation Tools and Techniques
DataTraffic Monitoring and Analysis
Survey Bloom filter applications in network security: A state-of-the-art survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
High-performance capabilities for 1-hop containment of network attacks
IEEE/ACM Transactions on Networking (TON)
Capability-Based Defenses Against DoS Attacks in Multi-path MANET Communications
Wireless Personal Communications: An International Journal
I know what your packet did last hop: using packet histories to troubleshoot networks
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet. Even in the absence of any deliberate attempt to disguise a packet's origin, wide-spread packet forwarding techniques such as NAT and encapsulation may obscure the packet's true source. Techniques have been developed to determine the source of large packet flows, but, to date, no system has been presented to track individual packets in an efficient, scalable fashion.We present a hash-based technique for IP traceback that generates audit trails for traffic within the network, and can trace the origin of a single IP packet delivered by the network in the recent past. We demonstrate that the system is effective, space-efficient (requiring approximately 0.5% of the link capacity per unit time in storage), and implementable in current or next-generation routing hardware. We present both analytic and simulation results showing the system's effectiveness.