Loading...
Please wait, while we are loading the content...
Similar Documents
Advanced and Authenticated Marking Schemes for
| Content Provider | CiteSeerX |
|---|---|
| Author | Traceback, Ip |
| Abstract | Abstract—Defending against distributed denial-of-service attacks is one of the hardest security problems on the Internet today. One difficulty to thwart these attacks is to trace the source of the attacks because they often use incorrect, or spoofed IP source addresses to disguise the true origin. In this paper, we present two new schemes, the Advanced Marking Scheme and the Authenticated Marking Scheme, which allow the victim to traceback the approximate origin of spoofed IP packets. Our techniques feature low network and router overhead, and support incremental deployment. In contrast to previous work, our techniques have significantly higher precision (lower false positive rate) and lower computation overhead for the victim to reconstruct the attack paths under large scale distributed denialof-service attacks. Furthermore the Authenticated Marking Scheme provides efficient authentication of routers ’ markings such that even a compromised router cannot forge or tamper markings from other uncompromised routers. Keywords — IP traceback, distributed denial-of-service attacks, DDoS, DoS, packet-marking traceback. I. |
| File Format | |
| Access Restriction | Open |
| Subject Keyword | Authenticated Marking Scheme Uncompromised Router Attack Path Security Problem Denial-of-service Attack Denialof-service Attack Spoofed Ip Packet True Origin Computation Overhead Router Overhead Keywords Ip Traceback Internet Today Compromised Router Cannot Forge Router Marking Approximate Origin Large Scale Ip Source Address Tamper Marking Abstract Defending Low Network Support Incremental Deployment Positive Rate Packet-marking Traceback Efficient Authentication New Scheme Advanced Marking Scheme |
| Content Type | Text |
| Resource Type | Article |
