• Login
    View Item 
    •   SMARTech Home
    • College of Computing (CoC)
    • School of Computer Science (SCS)
    • School of Computer Science Technical Reports
    • View Item
    •   SMARTech Home
    • College of Computing (CoC)
    • School of Computer Science (SCS)
    • School of Computer Science Technical Reports
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Scalable Hash-based IP Traceback Using Rate-limited Probabilistic Packet Marking

    Thumbnail
    View/Open
    GT-CSS-06-08.pdf (154.9Kb)
    Date
    2006
    Author
    Sung, Minho
    Chiang, Jason
    Xu, Jun
    Metadata
    Show full item record
    Abstract
    Recent surveys show that DDoS attack is still one of the major threats to the Internet security. Many techniques have been proposed to trace the origin of attacking packets, known as IP traceback problem, using either hash-based packet logging or probabilistic packet marking. However, both approaches have scalability problems under the heavy DDoS attacks in terms of the space and computational overheads. In this paper, we propose a novel scalable IP Traceback scheme by utilizing the advantage of both packet logging and marking to balance the overheads at routers and at the victim, hence scalable for both sides. The baseline idea of our approach is to sample a very small percentage (e.g., 1%) of packets at the routers, and save the digests of only sampled packets. At the same time, the routers mark their signature using very simple marking scheme into the marking field of sampled IP packets to send out the "information of logging" to the victim in probabilistic way to help the traceback procedure. We also propose a heuristic technique to improve the performance of the marking scheme. In the result, the number of attacking packets the victim should collect for the traceback procedure to achieve high level of traceback accuracy is much less than the numbers in previous PPM schemes, and also the computational and storage overhead in routers are much less than previous packet logging approach.
    URI
    http://hdl.handle.net/1853/14347
    Collections
    • College of Computing Technical Reports [506]
    • School of Computer Science Technical Reports [105]

    Browse

    All of SMARTechCommunities & CollectionsDatesAuthorsTitlesSubjectsTypesThis CollectionDatesAuthorsTitlesSubjectsTypes

    My SMARTech

    Login

    Statistics

    View Usage StatisticsView Google Analytics Statistics
    facebook instagram twitter youtube
    • My Account
    • Contact us
    • Directory
    • Campus Map
    • Support/Give
    • Library Accessibility
      • About SMARTech
      • SMARTech Terms of Use
    Georgia Tech Library266 4th Street NW, Atlanta, GA 30332
    404.894.4500
    • Emergency Information
    • Legal and Privacy Information
    • Human Trafficking Notice
    • Accessibility
    • Accountability
    • Accreditation
    • Employment
    © 2020 Georgia Institute of Technology