A TTL-Included IP Marking Scheme Against DDoS Attack
Date Issued
2004
Date
2004
Author(s)
Tuan, Kuang-Chin
DOI
en-US
Abstract
Distributed Denial of Service (DDoS) attacks are a great threat to today’s Internet. Because the Internet is stateless, it is difficult to determine the true source of an IP packet accurately if the attacker wishes to conceal it. To establish responsibility for these attacks, the source of individual packets must be identified. This is known as the IP traceback problem. This paper proposes an authenticated marking scheme that includes the TTL (time-to-live) value, together with a reconstruction algorithm that uses TTL-based hop count computation [5]. The proposed scheme aims to rebuild the attack path and trace the true source of an attack even under DDoS attacks. It improves on Savage et al.’s scheme [3], which is vulnerable to DDoS attacks. Furthermore, the proposed scheme uses a Message Authentication Code (MAC) as the marking and puts it in the IP identification field. This provides authentication of the packet's marking: nobody can forge or tamper with the marking of a packet and evade the authentication.
Subjects
Time to live
Packet marking
Distributed denial-of-service attack
TTL
DDoS attacks
IP marking
Type
thesis
File(s)
Name
ntu-93-P91921003-1.pdf
Size
23.31 KB
Format
Adobe PDF
Checksum
(MD5):c59a1980ecb4eb3d2fe9b5957d11cf5f