Fast autonomous system traceback
Journal of Network and Computer Applications
Security management with scalable distributed IP traceback
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Hi-index | 0.00 |
Advanced and Authenticated Packet Marking (AAPM)[Advanced and Authenticated Marking schemes for IP traceback] scheme is one of the proposed packet marking schemes for the traceback of Denial of Service (DoS)attacks. AAPM uses hash functions to reduce the storagespace requirement for encoding of router information inthe IP header. In this paper we take the perspective ofthe attacker and analyze the effects of inserting fakeedges against AAPM. Since the AAPM scheme is subjectto spoofing of the marking field, by inserting fake edges(corrupting the marking field) in the packets the attackercan impede traceback. In this paper, we show that theattacker can increase this distance by inserting fakeedges in packets. Therefore, the attacker can make itappear to the victim that the attack was launched from anode farther away than it actually was, thus maintaininghis own anonymity.