Practical network support for IP traceback-Reference-Cited by-同舟云学术

Practical network support for IP traceback

Published:2000-10 Issue:4 Volume:30 Page:295-306
ISSN:0146-4833
Container-title:ACM SIGCOMM Computer Communication Review
language:en
Short-container-title:SIGCOMM Comput. Commun. Rev.

Author:

Savage Stefan¹,Wetherall David¹,Karlin Anna¹,Anderson Tom¹

Affiliation:

1. Department of Computer Science and Engineering, University of Washington, Seattle, WA

Abstract

This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or ``spoofed'', source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed ``post-mortem'' -- after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Software

Link

https://dl.acm.org/doi/pdf/10.1145/347057.347560

Reference44 articles.

1. Requirements for IP Version 4 Routers

2. Security problems in the TCP/IP protocol suite

3. S. M. Bellovin. ICMP Traceback Messages. Internet Draft: draft-bellovin-itrace-00.txt Mar. 2000.]] S. M. Bellovin. ICMP Traceback Messages. Internet Draft: draft-bellovin-itrace-00.txt Mar. 2000.]]

4. R. Braden. Requirements for Internet Hosts - Communication Layers. RFC 1122 Oct. 1989.]] R. Braden. Requirements for Internet Hosts - Communication Layers. RFC 1122 Oct. 1989.]]

Cited by 206 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Toward Practical Inter-Domain Source Address Validation;IEEE/ACM Transactions on Networking;2024-08

2. Effective DDoS Mitigation via ML-Driven In-Network Traffic Shaping;IEEE Transactions on Dependable and Secure Computing;2024-07

3. The time for reconstructing the attack graph in DDoS attacks;Journal of Mathematical Analysis and Applications;2024-03

4. DDoS family: A novel perspective for massive types of DDoS attacks;Computers & Security;2024-03

5. Toward Adaptive DDoS-Filtering Rule Generation;2023 IEEE Conference on Communications and Network Security (CNS);2023-10-02