|
|||||
|
|
A dynamic probabilistic marking approach with multi-tag for tracing ICMP-based DoS attacks |
|
| Authors: | Xiuzhen Chen Jin Ma Shenghong Li Ken Chen Ahmed Serhrouchni |
| Institution: | 1. State Key Laboratory for Manufacturing Systems Engineering, Xi’an Jiaotong University, Xi’an, 710049, Shaanxi, China 2. School of Information Security Engineering, Shanghai Jiao Tong University, Shanghai, 200240, China 3. Les Laboratoires de l’Institut Galilée, Université Paris 13, Paris, 93430, France 4. Network and Computer Science Department, Telecom ParisTech, Paris, 75634, France |
| Abstract: | This paper presents a dynamic probabilistic marking algorithm with multiple routing address tags, which allows the victim to traceback the origin of ICMP (Internet Control Message Protocol)-based direct and reflective DoS attacks. The proposed approach makes full use of scalable data space of ICMP packet to achieve multiple information tags. The difference between this proposal and previous proposals lies in two points. First, the number of packets needed by the victim to reconstruct the attack path is greatly reduced because of three key mechanisms: multi-tag, uniform leftover probability, and tag location choice based on the module of accommodated tag numbers within a packet. Second, the true origin of both direct and reflective ICMP-based DoS attacks can be traced. |
| Keywords: | |
| 本文献已被 SpringerLink 等数据库收录! | |