Packet track and traceback mechanism against denial of service attacks

作     者：LI Li SHEN Su-bin 

作者机构：Institute of Information Network Technology Nanjing University of Posts and Telecommunications Nanjing 210003 China 

出 版 物：《The Journal of China Universities of Posts and Telecommunications》 (中国邮电高校学报（英文版）)

年 卷 期：2008年第15卷第3期

页      面：51-58页

核心收录：

学科分类：0839[工学-网络空间安全] 08[工学] 

基　　金：the National Natural Science Foundation of China (60273091) Blue Project in Nanjing University of Posts and Telecommunications (NY207118) 

主　　题：denial of service (DoS) attack traceback packet marking Pi 

摘      要：The denial of service attack is a main type of threat on the Internet today. On the basis of path identification （Pi） and Internet control message protocol （ICMP） traceback （iTrace） methods, a packet track and traceback mechanism is proposed, which features rapid response and high accuracy. In this scheme, routers apply packet marking scheme and send traceback messages, which enables the victim to design the path tree in peace time. During attack times the victim can trace attackers back within the path tree and perform rapid packet filtering using the marking in each packet. Traceback messages overcome Pi＇s limitation, wherein too much path information is lost in path identifiers; whereas path identifiers can be used to expedite the design of the path-tree, which reduces the high overhead in iTrace. Therefore, our scheme not only synthesizes the advantages but also compromises the disadvantages of the above two methods. Simulation results with NS-2 show the validity of our scheme.