摘要
This paper presents a dynamic probabilistic marking algorithm with multiple routing address tags, which allows the vic- tim to traceback the origin of ICMP (Internet Control Message Pro- tocol)-based direct and reflective DoS attacks. The proposed ap- proach makes full use of scalable data space of ICMP packet to achieve multiple information tags. The difference between this pro- posal and previous proposals lies in two points. First, the number of packets needed by the victim to reconstruct the attack path is greatly reduced because of three key mechanisms: multi-tag, uniform left- over probability, and tag location choice based on the module of accommodated tag numbers within a packet. Second, the true origin of both direct and reflective ICMP-based DoS attacks can be traced.
This paper presents a dynamic probabilistic marking algorithm with multiple routing address tags, which allows the vic- tim to traceback the origin of ICMP (Internet Control Message Pro- tocol)-based direct and reflective DoS attacks. The proposed ap- proach makes full use of scalable data space of ICMP packet to achieve multiple information tags. The difference between this pro- posal and previous proposals lies in two points. First, the number of packets needed by the victim to reconstruct the attack path is greatly reduced because of three key mechanisms: multi-tag, uniform left- over probability, and tag location choice based on the module of accommodated tag numbers within a packet. Second, the true origin of both direct and reflective ICMP-based DoS attacks can be traced.
基金
Supported by the National Natural Science Foundation of China(61271316)
National Key Basic Research Program of China(973 Program)(2010CB731403)
Opening Project of State Key Laboratory for Manufacturing Systems Engineering of Xi’an Jiaotong University(sklms2012005)
