Hash Based AS Traceback against DoS Attack

Abstract

The design of IP protocol creates difficulties in identifying the true source of any packet, which makes it one of the most arduous problems to defend against Denial of Service (DoS) attacks. This paper introduces an Autonomous System (AS) traceback mechanism based on probabilistic packet marking, which allows the victim to trace the attack-originating AS. Traceback on the AS level has several advantages containing a reduced number of routers involvement for packet marking as well as the required number of packets to infer the forward path. We utilize the IP packet header to implement our packet marking methodology. Our results show that a victim site can trace the attack path with 33.25 packets on average. Additionally, we provide an encoding method to significantly reduce the false cases in path reconstruction.