End-to-end routing behavior in the Internet
Conference proceedings on Applications, technologies, architectures, and protocols for computer communications
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
BGP routing stability of popular destinations
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Inferring Internet denial-of-service activity
ACM Transactions on Computer Systems (TOCS)
The spoofer project: inferring the extent of source address filtering on the internet
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Adaptive response system for distributed denial-of-service attacks
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Computers & Mathematics with Applications
| Hi-index | 0.00 |
The paper describes a Non-Intrusive IP traceback scheme which uses sampled traffic under non-attack conditions to build and maintains caches of the valid source addresses transiting network routers. Under attack conditions, route anomalies are detected by determining which routers have been used for unknown source addresses, in order to construct the attack graph. Results of simulation studies are presented. Our approach does not require changes to the Internet routers or protocols. Precise information regarding the attack is not required allowing a wide variety of DDoS attack detection techniques to be used. Our algorithm is simple and efficient, allowing for a fast traceback and the scheme is scalable due to the distribution of processing workload.