Fragmentation considered harmful
SIGCOMM '87 Proceedings of the ACM workshop on Frontiers in computer communications technology
End-to-end routing behavior in the Internet
IEEE/ACM Transactions on Networking (TON)
An analysis of security incidents on the Internet 1989-1995
An analysis of security incidents on the Internet 1989-1995
Resource containers: a new facility for resource management in server systems
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Defending against denial of service attacks in Scout
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Providing guaranteed services without per flow management
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
A review of port scanning techniques
ACM SIGCOMM Computer Communication Review
A Formal Framework and Evaluation Method for Network Denial of Service
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Server Selection Using Dynamic Path Characterization in Wide-Area Networks
INFOCOM '97 Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution
Holding intruders accountable on the Internet
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications
Hop integrity in computer networks
IEEE/ACM Transactions on Networking (TON)
Query-flood DoS attacks in gnutella
Proceedings of the 9th ACM conference on Computer and communications security
IEEE/ACM Transactions on Networking (TON)
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
IP Traceback: A New Denial-of-Service Deterrent?
IEEE Security and Privacy
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Decoupling policy from mechanism in Internet routing
ACM SIGCOMM Computer Communication Review
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
Tussle in cyberspace: defining tomorrow's internet
IEEE/ACM Transactions on Networking (TON)
You Can Run, But You Can't Hide: An Effective Statistical Methodology to Trace Back DDoS Attackers
IEEE Transactions on Parallel and Distributed Systems
Hotspot-based traceback for mobile ad hoc networks
Proceedings of the 4th ACM workshop on Wireless security
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
IEEE Transactions on Dependable and Secure Computing
Tracers placement for IP traceback against DDoS attacks
Proceedings of the 2006 international conference on Wireless communications and mobile computing
PRIMED: community-of-interest-based DDoS mitigation
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Protecting TCP services from denial of service attacks
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Some upper and lower bounds on the coupon collector problem
Journal of Computational and Applied Mathematics
A practical and robust inter-domain marking scheme for IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Dynamic probabilistic packet marking for efficient IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
On deterministic packet marking
Computer Networks: The International Journal of Computer and Telecommunications Networking
A global marking scheme for tracing cyber attacks
Proceedings of the 2007 ACM symposium on Applied computing
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Performance analysis of probabilistic packet marking in IPv6
Computer Communications
Learning the valid incoming direction of IP packets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Expert Systems with Applications: An International Journal
Power to the people: securing the internet one edge at a time
Proceedings of the 2007 workshop on Large scale attack defense
Minimizing collateral damage by proactive surge protection
Proceedings of the 2007 workshop on Large scale attack defense
Logging based IP Traceback in switched ethernets
Proceedings of the 1st European Workshop on System Security
Protecting information infrastructure from DDoS attacks by MADF
International Journal of High Performance Computing and Networking
Scalable traceback against distributed denial of service
International Journal of Web and Grid Services
Vulnerabilities in distance-indexed IP traceback schemes
International Journal of Security and Networks
Detecting DRDoS attacks by a simple response packet confirmation mechanism
Computer Communications
Online Tracing Scanning Worm with Sliding Window
Information Security and Cryptology
A New Proactive Defense Model Based on Intrusion Deception and Traceback
Information Security and Cryptology
An Integrated Solution for Policy Filtering and Traffic Anomaly Detection
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
IP Traceback Using Digital Watermark and Honeypot
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
Dynamic Probabilistic Packet Marking with Partial Non-Preemption
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
A proposal for new marking scheme with its performance evaluation for IP traceback
WSEAS Transactions on Computer Research
Proactive surge protection: a defense mechanism for bandwidth-based attacks
SS'08 Proceedings of the 17th conference on Security symposium
IEEE/ACM Transactions on Networking (TON)
Counteract SYN flooding using second chance packet filtering
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
DoSTRACK: a system for defending against DoS attacks
Proceedings of the 2009 ACM symposium on Applied Computing
Information Security Journal: A Global Perspective
On the detection of signaling DoS attacks on 3G/WiMax wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
A TCAM-based solution for integrated traffic anomaly detection and policy filtering
Computer Communications
Load-balanced agent activation for value-added network services
Computer Communications
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Security management with scalable distributed IP traceback
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
A backpressure technique for filtering spoofed traffic at upstream routers
International Journal of Security and Networks
A table-driven approach for IP traceback based on network statistic analysis
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 3
A theoretical approach to parameter value selection of probabilistic packet marking for IP traceback
AINTEC '09 Asian Internet Engineering Conference
Proactive surge protection: a defense mechanism for bandwidth-based attacks
IEEE/ACM Transactions on Networking (TON)
A hybrid scheme using packet marking and logging for IP traceback
International Journal of Internet Protocol Technology
Enhanced and authenticated deterministic packet marking for IP traceback
APPT'07 Proceedings of the 7th international conference on Advanced parallel processing technologies
A survey of IP traceback mechanisms to overcome denial-of-service attacks
ICNVS'10 Proceedings of the 12th international conference on Networking, VLSI and signal processing
Evaluation of path recording techniques in secure MANET
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Design of a secure packet processor
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Emerging trends in network forensics
Proceedings of the 2010 Conference of the Center for Advanced Studies on Collaborative Research
Analysis of traffic correlation attacks on router queues
Computer Networks: The International Journal of Computer and Telecommunications Networking
dfence: transparent network-based denial of service mitigation
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Counteracting DDoS attacks in WLAN
Proceedings of the 4th international conference on Security of information and networks
A new active DDoS defense system based on automatic learning
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
Deterministic packet marking with link signatures for IP traceback
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Tracing the true source of an IPv6 datagram using policy based management system
APNOMS'06 Proceedings of the 9th Asia-Pacific international conference on Network Operations and Management: management of Convergence Networks and Services
On the generation of fast verifiable IPv6 addresses
ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part IV
Safeguard information infrastructure against DDoS attacks: experiments and modeling
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Intrusion detection with CUSUM for TCP-Based DDoS
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Tracing denial of service origin: ant colony approach
EuroGP'06 Proceedings of the 2006 international conference on Applications of Evolutionary Computing
A lightweight IP traceback mechanism on IPv6
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
Overlay logging: an IP traceback scheme in MPLS network
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
Active host information-based abnormal IP address detection
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
An intelligent approach of packet marking at edge router for IP traceback
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
gore: routing-assisted defense against DDoS attacks
ISC'05 Proceedings of the 8th international conference on Information Security
Developing and implementing IHPM on IXP 425 network processor platforms
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Review: Analyzing well-known countermeasures against distributed denial of service attacks
Computer Communications
A secure packet marking scheme for IP traceback in IPv6
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
AK-PPM: an authenticated packet attribution scheme for mobile ad hoc networks
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Security challenges in embedded systems
ACM Transactions on Embedded Computing Systems (TECS) - Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems
High-performance capabilities for 1-hop containment of network attacks
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back toward their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or “spoofed,” source addresses. In this paper, we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed “post mortem”—after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backward compatible, and can be efficiently implemented using conventional technology.