基于分支标签的IP回溯概率分组标记

The 11th IEEE International Conference on Networks, 2003. ICON2003. Pub Date : 2003-09-28 DOI:10.1109/ICON.2003.1266235

Toshiaki Ogawa, F. Nakamura, Y. Wakahara

{"title":"基于分支标签的IP回溯概率分组标记","authors":"Toshiaki Ogawa, F. Nakamura, Y. Wakahara","doi":"10.1109/ICON.2003.1266235","DOIUrl":null,"url":null,"abstract":"AbstructDistributed Denial-of-Services (DDoS) attacks have been one of the most serious security issues. DDoS attacks disable legitimate services on victim hosts by flooding packet flows to the hosts from a lot of different compromised hosts. I t i s considered the most effective mitigation to f i l ter the attacking packet flows at the router interfaces closest to the attackers. Precise identilieation of these interfaces i s a key poinL Edge Sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source 1p spoofing, a popular identifieation jamming, which usually accompany DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessarv number of oackets. oath calculation h e and _ _ identilicatinn accuracy. We Drowse BranchLahe1 (BL) based PPM to solve the above . . inefficiency pruhlem. I n HI., a single path infurmatinn is marked in a packet without fragmentation in conIra4 tn ES h a d P P M 'The \"hole palh inrurmativn in packets hy the HL appruarh i s expressed nilh branch information uf each muler interfaces. This hrin&? the folluuing three he) advantages in the pnrew of detecting the interfaces: quick increaw in (rue-pmilives detected (efficiencyl, quick dcCred.w in false-negatives detrrted (accuracy) and fast convergence (quicknc\\s).","PeriodicalId":122389,"journal":{"name":"The 11th IEEE International Conference on Networks, 2003. ICON2003.","volume":"58 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Branch label based probabilistic packet marking for IP traceback\",\"authors\":\"Toshiaki Ogawa, F. Nakamura, Y. Wakahara\",\"doi\":\"10.1109/ICON.2003.1266235\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"AbstructDistributed Denial-of-Services (DDoS) attacks have been one of the most serious security issues. DDoS attacks disable legitimate services on victim hosts by flooding packet flows to the hosts from a lot of different compromised hosts. I t i s considered the most effective mitigation to f i l ter the attacking packet flows at the router interfaces closest to the attackers. Precise identilieation of these interfaces i s a key poinL Edge Sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source 1p spoofing, a popular identifieation jamming, which usually accompany DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessarv number of oackets. oath calculation h e and _ _ identilicatinn accuracy. We Drowse BranchLahe1 (BL) based PPM to solve the above . . inefficiency pruhlem. I n HI., a single path infurmatinn is marked in a packet without fragmentation in conIra4 tn ES h a d P P M 'The \\\"hole palh inrurmativn in packets hy the HL appruarh i s expressed nilh branch information uf each muler interfaces. This hrin&? the folluuing three he) advantages in the pnrew of detecting the interfaces: quick increaw in (rue-pmilives detected (efficiencyl, quick dcCred.w in false-negatives detrrted (accuracy) and fast convergence (quicknc\\\\s).\",\"PeriodicalId\":122389,\"journal\":{\"name\":\"The 11th IEEE International Conference on Networks, 2003. ICON2003.\",\"volume\":\"58 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-09-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 11th IEEE International Conference on Networks, 2003. ICON2003.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICON.2003.1266235\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 11th IEEE International Conference on Networks, 2003. ICON2003.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICON.2003.1266235","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

分布式拒绝服务(DDoS)攻击已经成为最严重的安全问题之一。DDoS攻击通过从许多不同的受损主机向主机发送大量数据包流来禁用受害者主机上的合法服务。如果攻击报文在离攻击者最近的路由器接口上流动，则被认为是最有效的缓解方法。精确识别这些接口是关键。基于边缘样本(ES)的概率数据包标记(PPM)是应对源1p欺骗的一种令人鼓舞的方法，源1p欺骗是一种常见的识别干扰，通常伴随着DDoS攻击。但其路径信息的碎片化导致了在必要的攻击数量方面效率低下。誓言的计算和识别的准确性。我们提出了基于BranchLahe1 (BL)的PPM来解决上述问题。低效pruhlem。我在嗨。在conIra4中，单个路径信息被标记在一个没有分片的数据包中，而在conIra4和pmp中，hhl方法中的“孔路径信息”被表示为每个多接口的分支信息。这hrin&吗?在检测接口的过程中有以下三个优点:快速增加被检测对象的检测效率，快速删除。W在假阴性分散(精度)和快速收敛(quicknc\s)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Branch label based probabilistic packet marking for IP traceback

AbstructDistributed Denial-of-Services (DDoS) attacks have been one of the most serious security issues. DDoS attacks disable legitimate services on victim hosts by flooding packet flows to the hosts from a lot of different compromised hosts. I t i s considered the most effective mitigation to f i l ter the attacking packet flows at the router interfaces closest to the attackers. Precise identilieation of these interfaces i s a key poinL Edge Sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source 1p spoofing, a popular identifieation jamming, which usually accompany DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessarv number of oackets. oath calculation h e and _ _ identilicatinn accuracy. We Drowse BranchLahe1 (BL) based PPM to solve the above . . inefficiency pruhlem. I n HI., a single path infurmatinn is marked in a packet without fragmentation in conIra4 tn ES h a d P P M 'The "hole palh inrurmativn in packets hy the HL appruarh i s expressed nilh branch information uf each muler interfaces. This hrin&? the folluuing three he) advantages in the pnrew of detecting the interfaces: quick increaw in (rue-pmilives detected (efficiencyl, quick dcCred.w in false-negatives detrrted (accuracy) and fast convergence (quicknc\s).

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The 11th IEEE International Conference on Networks, 2003. ICON2003.

自引率

0.00%

发文量