The use of Internet has revolutionized the way information is exchanged, changed
business paradigms and put mission critical and sensitive systems online. Any dis-
ruption of this connectivity and the plethora of services provided results in significant
damages to everyone involved. Denial of Service (DoS) attacks are becoming increas-
ingly common and are the cause of lost time and revenue.
Flooding type DoS attacks use spoofed IP addresses to disguise the attackers.
This makes identification of the attackers extremely difficult. This work proposes a
new scheme that allows the victim of a DoS attack to identify the correct origin of the
malicious traffic. The suggested mechanism requires routers to mark packets using
adjusted probabilistic marking. This results in a lower number of packet-markings
required to identify the traffic source. Unlike many related works, we use the existing
IPv4 header structure to incorporate these markings. We simulate and test our
algorithms using real Internet trace data to show that our technique is fast, and
works successfully for a large number of distributed attackers.
Identifer | oai:union.ndltd.org:tamu.edu/oai:repository.tamu.edu:1969.1/1476 |
Date | 17 February 2005 |
Creators | Dube, Raghav |
Contributors | Kundur, Deepa |
Publisher | Texas A&M University |
Source Sets | Texas A and M University |
Language | en_US |
Detected Language | English |
Type | Book, Thesis, Electronic Thesis, text |
Format | 534089 bytes, electronic, application/pdf, born digital |
Page generated in 0.0021 seconds