End-to-end routing behavior in the Internet
IEEE/ACM Transactions on Networking (TON)
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Stable internet routing without global coordination
IEEE/ACM Transactions on Networking (TON)
An algebraic approach to IP traceback
ACM Transactions on Information and System Security (TISSEC)
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Tradeoffs in probabilistic packet marking for IP traceback
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Efficient packet marking for large-scale IP traceback
Proceedings of the 9th ACM conference on Computer and communications security
IEEE/ACM Transactions on Networking (TON)
Adjusted Probabilistic Packet Marking for IP Traceback
NETWORKING '02 Proceedings of the Second International IFIP-TC6 Networking Conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; and Mobile and Wireless Communications
GOSSIB vs. IP Traceback Rumors
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
An IP Traceback Technique against Denial-of-Service Attacks
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Authenticated Autonomous System Traceback
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
Multifunctional ICMP Messages for e-Commerce
EEE '04 Proceedings of the 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'04)
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
IEEE Communications Magazine
Jikzi - a new framework for security policy, trusted publishing and electronic commerce
Computer Communications
IEEE Transactions on Parallel and Distributed Systems
On deterministic packet marking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Distributed denial of service attack detection using an ensemble of neural classifier
Computer Communications
Multi-stage change-point detection scheme for large-scale simultaneous events
Computer Communications
| Hi-index | 0.00 |
A practical and robust inter-domain marking scheme for IP traceback is proposed. We first identify six drawbacks of Probabilistic Packet Marking (PPM), and then contrive a synergic scheme to address all of them. To relieve the victim from the daunting computational overhead, we derive the optimal marking probability with respect to the number of packets required for path reconstruction, and explore two different approaches to enhance PPM. In so doing, computational burden and spoofed marking inscribed by the attacker are thwarted. Next, we study the issue of bogus marking incurred by subverted routers. By coupling the marking and routing information, a downstream router can examine the correctness of the marking provided by upstream routers, thus eliminating the spurious marking embedded by subverted routers. Our coarse-grained marking tactic (marking at the AS level rather than hop-by-hop) brings two additional benefits: our scheme can effectively suppress false positives, and partial deployment of our scheme may achieve the similar effect as global deployment in the power-law Internet. Finally, we evaluate and analyze the performance of our proposal on empirical Internet measurement data. Results show that as many as 90.67% of marked packets required for path reconstruction may be reduced on average while false positives are greatly suppressed and robustness is significantly enhanced.