Affiliation:
1. Department of Computer Science and Engineering, University of Washington, Seattle, WA
Abstract
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or ``spoofed'', source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed ``post-mortem'' -- after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Networks and Communications,Software
Cited by
203 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. The time for reconstructing the attack graph in DDoS attacks;Journal of Mathematical Analysis and Applications;2024-03
2. Toward Adaptive DDoS-Filtering Rule Generation;2023 IEEE Conference on Communications and Network Security (CNS);2023-10-02
3. Detection of DDoS Attack;International Journal of Advanced Research in Science, Communication and Technology;2023-03-25
4. NetHCF: Filtering Spoofed IP Traffic With Programmable Switches;IEEE Transactions on Dependable and Secure Computing;2023-03-01
5. Detection Methods for Distributed Denial of Services (DDOS) Attacks;2023 7th International Conference on Computing Methodologies and Communication (ICCMC);2023-02-23