微信服务号

微信订阅号

2025-5-17- 23
Home > Archive>Volume 18, Issue 10, 2007 >2652-2661
PDF HTML XML Export Cite reminder
Router Numbering Based Adaptive Packet Marking
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [23]
    • |
  • Related [20]
    • |
  • Cited by [2]
    • | |
  • Comments
    Abstract:

    DDoS attack represents a big problem to the Internet community for its high profile,severe damage,and difficult defending.Several countermeasures are proposed for it in the literature,among which,Probabilistic Packet Marking (PPM) is promising.However, all the existing marking schemes are bearing limitations in some aspects.In this paper, a new packet marking scheme is proposed,which is more prompt because of fewer packets needed,more scalable and more efficient in computation compared with other schemes.Furthermore,this scheme limits attackers' ability in spoofing trace message.

    Reference
    [1]CERT.CERT statistics.http://www.cert.org/stats/#incidents
    [2]Park K,Lee H.A proactive approach to distributed DoS attack prevention using route-based packet filtering.Technical Report,CSDOO-017,Purdue University,2000.
    [3]Savage S,Wetherall D,Karlin A,Anderson T.Practical network support for IP traceback.In:Proc.of the 2000 ACM SIGCOMM Conf.Stockholm,2000.295-306.
    [4]McGuire D,Krebs B.Attack on Internet called largest ever.2002.http://www.Washingtonpost.com/ac2/wp-dyn/A828-20020ct22?
    [5]Lemos R.Attack targets.info domain system.ZDNet News,2002.http://news.zdnet.co.uk/internet/0,39020369,2126521,00.htm
    [6]CERT.Overview of attack trends,2002.http://www.cert.org/archive/pdf/attack_trends.pdf
    [7]Ferguson P,Senie D.Network ingress filtering:Defeating denial of service attacks which employ IP source address spoofing.rfc2827,2000.
    [8]Song DX,Perrig A.Advanced and authenticated marking schemes for IP traceback.In:Proc.of the IEEE INFOCOM 2001.2001.
    [9]Park K,Lee H.On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack.In:Proc.of the IEEE INFOCOM 2001.2001.338-347.
    [10]Snoeren AC,et al.Hash-Based IP traceback.In:Proc.of the ACM SIGCOMM 2001.2001.3-14.
    [11]Burch H,Cheswic B.Tracing anonymous packets to their approximate source.Usenix LISA,2000.313-321.
    [12]CISCO.Characterizing and tracing packet floods using Cisco routers.http://www.cisco.com/warp/public/707/22.html
    [13]Bellovin S,Leech M,Taylor T.ICMP traceback messages.Work in Progress,Internet Draft,draft-ietf-itrace-02.txt,2001.
    [14]Stone R.Centertrack:An IP overlay network for tracking DoS floods.In:Proc.of the 9th USENIX Security Symp.2000.
    [15]Stoica I,Zhang H.Providing guaranteed services without per flow management.In:Proc.of the '99 ACM SIGCOMM Conf.Boston,1999.81-94.
    [16]Houle KJ,Weaver GM,Long N,Thomas R.Trends in Denial of Service Attack Technology.CERT(R) Coordination Center.2002
    [17]Li DQ,Su PR,Feng DG.Notes on packet marking for IP traceback.Journal of Software,2004,15(2):250-258(in English with Chinese abstract).http://www.jos.org.cn/1000-9825/15/250.htm
    [18]Li DQ,Xu YD,Su PR,Feng DG.Adaptive packet marking for IP traceback.Acta Electronica Sinica,2004,32(8):1334-1337(in Chinese with English abstract).
    [19]Li DQ.Denial of Service Attack.Beijing:Publishing House of Electronic Industry,2007(in Chinese).
    [17]李德全,苏璞睿,冯登国.用于IP跟踪的包标记的注记.软件学报,2004,15(2):250-258.http://www.jos.org.cn/1000-9825/15/250.htm
    [18]李德全,徐一丁,苏璞睿,冯登国.IP追踪中的自适应包标记.电子学报,2004,32(8):1334-1337.
    [19]李德全.拒绝服务攻击.北京:电子工业出版社,2007. [1]At the victim,if the distance field in a packet is k,the router that marks the packet is k+1 hops away.
    [2]For simplicity,we suppose that IP addresses are randomly distributed.
    Comments
    Comments
    分享到微博
    Submit
Get Citation

李德全,苏璞睿,魏东梅,冯登国.基于路由器编码的自适应包标记.软件学报,2007,18(10):2652-2661

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:November 22,2004
  • Revised:March 31,2006
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2045295Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063