Routing in the Internet
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Internet Routing Architectures
Internet Routing Architectures
OC3MON: Flexible, Affordable, High Performance Staistics Collection
LISA '96 Proceedings of the 10th USENIX conference on System administration
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Efficient packet marking for large-scale IP traceback
Proceedings of the 9th ACM conference on Computer and communications security
IEEE/ACM Transactions on Networking (TON)
Tracing Network Attacks to Their Sources
IEEE Internet Computing
Autonomic Response to Distributed Denial of Service Attacks
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
An Evaluation of Different IP Traceback Approaches
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Providing Process Origin Information to Aid in Network Traceback
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
A practical method to counteract denial of service attacks
ACSC '03 Proceedings of the 26th Australasian computer science conference - Volume 16
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
IP Traceback: A New Denial-of-Service Deterrent?
IEEE Security and Privacy
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Hop-count filtering: an effective defense against spoofed DDoS traffic
Proceedings of the 10th ACM conference on Computer and communications security
Distributed Management Architecture for Cooperative Detection and Reaction to DDoS Attacks
Journal of Network and Systems Management
Tracing DDoS Floods: An Automated Approach
Journal of Network and Systems Management
Preventing Internet denial-of-service with capabilities
ACM SIGCOMM Computer Communication Review
Edge-to-edge measurement-based distributed network monitoring
Computer Networks: The International Journal of Computer and Telecommunications Networking
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
The session token protocol for forensics and traceback
ACM Transactions on Information and System Security (TISSEC)
Defending Against Flash Crowds and Malicious Traffic Attacks with An Auction-Based Method
WI '04 Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence
Toward understanding distributed blackhole placement
Proceedings of the 2004 ACM workshop on Rapid malcode
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
Analyzing Distributed Denial of Service Tools: The Shaft Case
LISA '00 Proceedings of the 14th USENIX conference on System administration
Distinguishing between single and multi-source attacks using signal processing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Tabu Marking Scheme for IP Traceback
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Providing process origin information to aid in computer forensic investigations
Journal of Computer Security
Perimeter-Based Defense against High Bandwidth DDoS Attacks
IEEE Transactions on Parallel and Distributed Systems
You Can Run, But You Can't Hide: An Effective Statistical Methodology to Trace Back DDoS Attackers
IEEE Transactions on Parallel and Distributed Systems
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
CAPTRA: coordinated packet traceback
Proceedings of the 5th international conference on Information processing in sensor networks
Novel Hybrid Schemes Employing Packet Marking and Logging for IP Traceback
IEEE Transactions on Parallel and Distributed Systems
Inferring Internet denial-of-service activity
ACM Transactions on Computer Systems (TOCS)
Mitigating denial of service attacks: a tutorial
Journal of Computer Security
Tracers placement for IP traceback against DDoS attacks
Proceedings of the 2006 international conference on Wireless communications and mobile computing
On the Effectiveness of Secure Overlay Forwarding Systems under Intelligent Distributed DoS Attacks
IEEE Transactions on Parallel and Distributed Systems
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
A practical and robust inter-domain marking scheme for IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Tabu marking scheme to speedup IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Stateful DDoS attacks and targeted filtering
Journal of Network and Computer Applications
Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
An edge-to-edge filtering architecture against DoS
ACM SIGCOMM Computer Communication Review
Defense against spoofed IP traffic using hop-count filtering
IEEE/ACM Transactions on Networking (TON)
On deterministic packet marking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Using routing and tunneling to combat DoS attacks
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Cookies along trust-boundaries (CAT): accurate and deployable flood protection
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
A Divide-and-Conquer Strategy for Thwarting Distributed Denial-of-Service Attacks
IEEE Transactions on Parallel and Distributed Systems
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
ZSBT: a novel algorithm for tracing DoS attackers in MANETs
EURASIP Journal on Wireless Communications and Networking
AID: A global anti-DoS service
Computer Networks: The International Journal of Computer and Telecommunications Networking
Learning the valid incoming direction of IP packets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Logging based IP Traceback in switched ethernets
Proceedings of the 1st European Workshop on System Security
Application of autonomic agents for global information grid management and security
Proceedings of the 2007 Summer Computer Simulation Conference
DDoS: design, implementation and analysis of automated model
International Journal of Wireless and Mobile Computing
Probabilistic packet marking for large-scale IP traceback
IEEE/ACM Transactions on Networking (TON)
Phalanx: withstanding multimillion-node botnets
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
To filter or to authorize: network-layer DoS defense against multimillion-node botnets
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
IP Traceback Using Digital Watermark and Honeypot
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
DoSTRACK: a system for defending against DoS attacks
Proceedings of the 2009 ACM symposium on Applied Computing
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
IP traceback based on Chinese Remainder Theorem
CIIT '07 The Sixth IASTED International Conference on Communications, Internet, and Information Technology
Tagged fragment marking scheme with distance-weighted sampling for a fast IP traceback
APWeb'03 Proceedings of the 5th Asia-Pacific web conference on Web technologies and applications
Unified defense against DDoS attacks
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
A survey on the design, applications, and enhancements of application-layer overlay networks
ACM Computing Surveys (CSUR)
NetFence: preventing internet denial of service from inside out
Proceedings of the ACM SIGCOMM 2010 conference
Honeypot back-propagation for mitigating spoofing distributed denial-of-service attacks
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
DDoS detection and traceback with decision tree and grey relational analysis
International Journal of Ad Hoc and Ubiquitous Computing
A novel architecture for detecting and defending against flooding-based DDoS attacks
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Efficient technique for fast IP traceback
CDVE'06 Proceedings of the Third international conference on Cooperative Design, Visualization, and Engineering
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IV
An adaptive edge marking based hierarchical IP traceback system
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
Overlay logging: an IP traceback scheme in MPLS network
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
A proposal of extension of FMS-Based mechanism to find attack paths
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Review: Analyzing well-known countermeasures against distributed denial of service attacks
Computer Communications
Capability-Based Defenses Against DoS Attacks in Multi-path MANET Communications
Wireless Personal Communications: An International Journal
| Hi-index | 0.00 |
Finding the source of forged Internet Protocol (IP) datagrams in a large, high-speed network is difficult due to the design of the IP protocol and the lack of sufficient capability in most high-speed, high-capacity router implementations. Typically, not enough of the routers in such a network are capable of performing the packet forwarding diagnostics required for this. As a result, tracking-down the source of a flood-type denial-of-service (DoS) attack is usually difficult or impossible in these networks. CenterTrack is an overlay network, consisting of IP tunnels or other connections, that is used to selectively reroute interesting datagrams directly from edge routers to special tracking routers. The tracking routers, or associated sniffers, can easily determine the ingress edge router by observing from which tunnel the datagrams arrive. The datagrams can be examined, then dropped or forwarded to the appropriate egress point. This system simplifies the work required to determine the ingress adjacency of a flood attack while bypassing any equipment which may be incapable of performing the necessary diagnostic functions.