Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Tradeoffs in probabilistic packet marking for IP traceback
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Hop integrity in computer networks
IEEE/ACM Transactions on Networking (TON)
Efficient packet marking for large-scale IP traceback
Proceedings of the 9th ACM conference on Computer and communications security
Beyond folklore: observations on fragmented traffic
IEEE/ACM Transactions on Networking (TON)
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Hop-count filtering: an effective defense against spoofed DDoS traffic
Proceedings of the 10th ACM conference on Computer and communications security
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Coloring the Internet: IP Traceback
ICPADS '06 Proceedings of the 12th International Conference on Parallel and Distributed Systems - Volume 1
Tabu marking scheme to speedup IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Learning the valid incoming direction of IP packets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Unified defense against DDoS attacks
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
Hi-index | 0.01 |
The IP traceback is an attractive mechanism in defending against distributed denial-of-service (DDoS) attacks. In this paper we propose a new probabilistic packet marking (PPM) scheme for IP traceback, Tabu Marking Scheme (TMS). In this scheme a router regards a packet marked by an upstream router as a tabu and does not mark it again. Furthermore we derive a new analytical result on the partial coupon collection problem for convergence analysis. Numerical results show that TMS significantly reduces the convergence time under DDoS attacks, as compared with previous PPM schemes that allow overwriting. TMS also ensures the authentication of the routers' markings.