Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Quantifying Network Denial of Service: A Location Service Case Study
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Novel Hybrid Schemes Employing Packet Marking and Logging for IP Traceback
IEEE Transactions on Parallel and Distributed Systems
Distributed packet pairing for reflector based DDoS attack mitigation
Computer Communications
Hi-index | 0.00 |
Probabilistic packet marking (PPM) is a techniquedesigned to identify packet traffic sources with lowstorage and processing overhead on network routers.In most previous PPM approaches, individual pathmessages carry only partial path information. Thesemethods are susceptible to "path falsification" attacks,which greatly reduce their effectiveness. This workproposes a path-falsification-attack free PPM algorithmcalled Path Information Caching and Aggregation(PICA) that records paths of packet streams in fix-lengthpath messages, thus eliminating the need ofpath reconstruction at the receiver end. Besides, byusing a router's forwarding table to decompose packetvolume, this semi-stateful method is more accurate intraffic volume report. It also supports both a packetrate-based path message generation algorithm and aredundant path message suppression mechanism tofurther eliminate path messages with the same destination.Finally, PICA protects PICA routers from beingattacked by faked path messages. We have performeda trace-driven simulation study on the proposed PICAalgorithm and compared its effectiveness with IETF'siTrace scheme by varying the sampling probability,the number of attack sources, and attack traffic rate.Compared to iTrace, the PICA algorithm reduces thetotal number of path messages required by a factorof more than 2, while reporting traffic volume moreaccurately.