Packet track and traceback mechanism against denial of service attacks

Acta Metallurgica Sinica(English letters) ›› 2008, Vol. 15 ›› Issue (3): 51-58.doi:

• Wireless • Previous Articles Next Articles

Packet track and traceback mechanism against denial of service attacks

LI Li, SHEN Su-bin

Institute of Information Network Technology, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

Received:2007-09-08 Revised:1900-01-01 Online:2008-09-30

Abstract

Abstract:

The denial of service attack is a main type of threat on the Internet today. On the basis of path identification (Pi) and Internet control message protocol (ICMP) traceback (iTrace) methods, a packet track and traceback mechanism is proposed, which features rapid response and high accuracy. In this scheme, routers apply packet marking scheme and send traceback messages, which enables the victim to design the path tree in peace time. During attack times the victim can trace attackers back within the path tree and perform rapid packet filtering using the marking in each packet. Traceback messages overcome Pi’s limitation, wherein too much path information is lost in path identifiers; whereas path identifiers can be used to expedite the design of the path-tree, which reduces the high overhead in iTrace. Therefore, our scheme not only synthesizes the advantages but also compromises the disadvantages of the above two methods. Simulation results with NS-2 show the validity of our scheme.

Key words:

denial of service (DoS) attack;traceback;packet marking;Pi

LI Li, SHEN Su-bin

. Packet track and traceback mechanism against denial of service attacks[J]. Acta Metallurgica Sinica(English letters), 2008, 15(3): 51-58.

References

1. Computer Emergency Response Team. Cert advisory ca-2000-01: denial-of-service developments. [2007-02-01]. http://www.cert.org/advisories/ CA-2000-01.html

2. Belenky A, Ansari N. On IP traceback. IEEE Communications Magazine, 2003, 41(7): 142–153

3. Savage S, Wetherall D, Karlin A, et al. Practical network support for IP traceback. Computer Communication Review, 2000, 30(4): 295–306

4. Dawn X S, Perrig A. Advanced and authenticated marking schemes for IP traceback. Proceedings of the 20th Annual Joint Conference of the IEEE Computer and Communications Societies, Apr 22–26 2001, Anchorage, AK, USA. Piscataway, NJ, USA: IEEE, 2001: 878–886

5. Yaar A, Perriq A, Sonq D. Pi: a path identification mechanism to defend against DDoS attacks. Proceedings of Symposium on Security and Privacy, May 11–14, 2003, Berkeley, CA, USA. Piscataway, NJ, USA: IEEE. 2003: 93–107

6. Park K, Lee H. On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack. Proceedings of the 20th Annual Joint Conference of the IEEE Computer and Communications Societies, Apr 22–26, 2001, Anchorage, AK, USA. Piscataway, NJ, USA: IEEE, 2001: 338–3347

7. Tchakountio F, Kent S T, Strayer W T. Hash-based IP traceback. Proceedings of Conference on Applications, Technologies, Architectures, and Protocol for Computer Communication (SIGCOMM’01), Aug 27–31, 2001. San Diego, CA, USA. New York, NY, USA: ACM, 2001: 3–14

8. Bellovin S, Leech M, Taylor T. Internet draft. ICMP traceback messages. [2007-02-01]. http://tools.ietf.org/html/draft-ietf-itrace-04

9. Chang R K C. Defending against flooding-based distributed denial-of-service attacks: a tutorial. IEEE Communications Magazine, 2002, 40(10): 42–51

Metrics

Comments

Copyright © 2020 The Journal of China Universities of Posts and Telecommunications
　 Adress: P.O. Box 231,Beijing University of Posts and Telecommunications,10 Xi Tucheng Road,Beijing 100876,P.R.China　Post Code: 100081
Tel：86-010-62282493　Fax： 86-010-62283461　E-mail: jchupt@bupt.edu.cn
Support by: Beijing Magtech Co.Ltd

[1]	Zhao Haiying, GUO Xuan. Pointer-prototype fusion network for few-shot named entity recognition [J]. The Journal of China Universities of Posts and Telecommunications, 2023, 30(5): 32-41.
[2]	Wang Zixian, Zhang Miao, Yan Danfeng . DRO-SLAM: Real-time object-aware SLAM for navigation robots and autonomous driving in dynamic environments [J]. The Journal of China Universities of Posts and Telecommunications, 2023, 30(3): 14-24.
[3]	Fan Xinyue, Wu Kai, Chen Shuai. RB-SLAM: visual SLAM based on rotated BEBLID feature point description [J]. The Journal of China Universities of Posts and Telecommunications, 2023, 30(3): 1-13.
[4]	Li Yajie, Zhang Jie. Artificial intelligence for optical transport networks: architecture, application and challenges [J]. The Journal of China Universities of Posts and Telecommunications, 2022, 29(6): 3-17.
[5]	Meng Wei, Wang Liting, Lu Meng. Summary of research on recommendation system based on serendipity [J]. The Journal of China Universities of Posts and Telecommunications, 2022, 29(4): 89-105.
[6]	Li Qinghua, Wang Jiahui, Li Haiming, Feng Chao. HQD-RRT*: a high-quality path planner for mobile robot in dynamic environment [J]. The Journal of China Universities of Posts and Telecommunications, 2022, 29(3): 69-80.
[7]	Zhang Miao, Wang Zixian, Yan Danfeng. Illumination robust image transformations for feature-based SLAM using photometric and feature matches loss [J]. The Journal of China Universities of Posts and Telecommunications, 2022, 29(3): 92-104.
[8]	You Yue, Li Qinghua, Chen Xiyuan, Zhang Zhao, Mu Yaqi, Feng Chao. S-RRT path planning based on slime mould biological model [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(6): 55-64.
[9]	崔岩松白春雨. Dynamic load balancing algorithm for distributed system [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(5): 91-101.
[10]	Liu Jun, Hu Yupu, Chen Jie. General digital rights management solution based on white-box cryptography [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(1): 52-63.
[11]	Dun Shubo, Jin Qiuyan, Bi Lingyu, Wang Ziren, Xie Jun. Behavior modeling on the PIM performance in connectors using FEA method and circuit simulation [J]. The Journal of China Universities of Posts and Telecommunications, 2021, 28(1): 87-93.
[12]	. High gain multiband planar spiral slot rectenna with dipole arms [J]. The Journal of China Universities of Posts and Telecommunications, 2019, 26(3): 91-97.
[13]	Ru-Jia TIAN. Design of a Unified Rendering Shader for Mobile Device [J]. The Journal of China Universities of Posts and Telecommunications, 2019, 26(3): 81-90.
[14]	Yang Lingzhi, Ban Xiaojuan, Michele Mukeshimana, Chen Zhe. Multiple feature fusion for unimodal emotion recognition [J]. The Journal of China Universities of Posts and Telecommunications, 2019, 26(2): 17-29.
[15]	Yuan Fang, Tian Bin. Modified min-sum SCAN decoding algorithm for polar codes [J]. JOURNAL OF CHINA UNIVERSITIES OF POSTS AND TELECOM, 2018, 25(6): 90-96.

Packet track and traceback mechanism against denial of service attacks

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments