標題: | A deterministic packet marking scheme for tracing multiple Internet attackers |
作者: | Lee, TH Huang, TYW Lin, I 電信工程研究所 Institute of Communications Engineering |
公開日期: | 2005 |
摘要: | Deterministic packet marking (DPM) has recently been proposed as an alternative approach for IP traceback. It requires no extra bandwidth and is backward compatible with Internet equipments that do not implement it. Moreover, service providers can implement it without revealing their internal network topology. Unfortunately, the false positive rate could be very high if multiple hosts use the same source address to attack the victim simultaneously. Even worse, no source will be identified if attackers change their source addresses for every packet they send. These two problems can be solved with a modified DPM scheme which we called DPM with address digest (DPM-AD). We found that the false positive rate of the DPM-AD scheme could be much higher than it was claimed when the number of ingress router interfaces is larger than the number of attackers. In this paper, we propose and evaluate the false positive rate of a novel DPM scheme that is much more scalable than the DPM-AD scheme. Our analysis and simulation results show that the proposed DPM scheme can trace 1K simultaneous attackers at a false positive rate less than 0.5% with acceptable reconstruction complexity. |
URI: | http://hdl.handle.net/11536/17558 |
ISBN: | 0-7803-8938-7 |
ISSN: | 1550-3607 |
期刊: | ICC 2005: IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-5 |
起始頁: | 850 |
結束頁: | 854 |
顯示於類別: | 會議論文 |