Authenticated Autonomous System Traceback

  • Authors:
  • Vamsi Paruchuri; Arjan Durresi; Rajgopal Kannan; S. Sitharama Iyengar

  • Venue:
  • AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
  • Year:
  • 2004

Quantified Score

Hi-index 0.01

Abstract

The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet, making the defense against Distributed Denial of Service attacks one of the hardest problems on the Internet today. Previous solutions for this problem try to trace back to the exact origin of the attack by requiring every router's participation. For many reasons this requirement is impractical and the victim ends up with an approximate location of the attacker. Reconstruction of the whole path is also very difficult owing to the sheer size of the Internet. This paper presents lightweight schemes for tracing back to the attack-originating AS instead of to the exact origin itself. Once the attack-originating AS is determined, all further routers in the path to the attacker are within that AS and under the control of a single entity, which can presumably monitor local traffic in a more direct way than a generalized, Internet-scale packet marking scheme can. We also provide a scheme to prevent compromised routers from forging markings.