{"title":"利用柔性确定性包标记(FDPM)跟踪IP包","authors":"Y. Xiang, Wanlei Zhou","doi":"10.1109/IPOM.2004.1547624","DOIUrl":null,"url":null,"abstract":"Currently a large number of the notorious distributed denial of service (DDoS) attack incidents make people aware of the importance of the IP traceback technique. IP traceback is the ability to trace the IP packets to their origins. It provides a security system with the capability of identifying the true sources of the attacking IP packets. IP traceback mechanisms have been researched for years, aiming at finding the sources of IP packets quickly and precisely. In this paper, an IP traceback scheme, flexible deterministic packet marking (FDPM), is proposed. It provides more flexible features to trace the IP packets and can obtain better tracing capability over other IP traceback mechanisms, such as link testing, messaging, logging, probabilistic packet marking (PPM), and deterministic packet marking (DPM). The implementation and evaluation demonstrates that the FDPM needs moderately a small number of packets to complete the traceback process and requires little computation work; therefore this scheme is powerful to trace the IP packets. It can be applied in many security systems, such as DDoS defense systems, intrusion detection systems (IDS), forensic systems, and so on.","PeriodicalId":197627,"journal":{"name":"2004 IEEE International Workshop on IP Operations and Management","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":"{\"title\":\"Trace IP packets by flexible deterministic packet marking (FDPM)\",\"authors\":\"Y. Xiang, Wanlei Zhou\",\"doi\":\"10.1109/IPOM.2004.1547624\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Currently a large number of the notorious distributed denial of service (DDoS) attack incidents make people aware of the importance of the IP traceback technique. IP traceback is the ability to trace the IP packets to their origins. It provides a security system with the capability of identifying the true sources of the attacking IP packets. IP traceback mechanisms have been researched for years, aiming at finding the sources of IP packets quickly and precisely. In this paper, an IP traceback scheme, flexible deterministic packet marking (FDPM), is proposed. It provides more flexible features to trace the IP packets and can obtain better tracing capability over other IP traceback mechanisms, such as link testing, messaging, logging, probabilistic packet marking (PPM), and deterministic packet marking (DPM). The implementation and evaluation demonstrates that the FDPM needs moderately a small number of packets to complete the traceback process and requires little computation work; therefore this scheme is powerful to trace the IP packets. It can be applied in many security systems, such as DDoS defense systems, intrusion detection systems (IDS), forensic systems, and so on.\",\"PeriodicalId\":197627,\"journal\":{\"name\":\"2004 IEEE International Workshop on IP Operations and Management\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2004 IEEE International Workshop on IP Operations and Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IPOM.2004.1547624\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2004 IEEE International Workshop on IP Operations and Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IPOM.2004.1547624","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Trace IP packets by flexible deterministic packet marking (FDPM)
Currently a large number of the notorious distributed denial of service (DDoS) attack incidents make people aware of the importance of the IP traceback technique. IP traceback is the ability to trace the IP packets to their origins. It provides a security system with the capability of identifying the true sources of the attacking IP packets. IP traceback mechanisms have been researched for years, aiming at finding the sources of IP packets quickly and precisely. In this paper, an IP traceback scheme, flexible deterministic packet marking (FDPM), is proposed. It provides more flexible features to trace the IP packets and can obtain better tracing capability over other IP traceback mechanisms, such as link testing, messaging, logging, probabilistic packet marking (PPM), and deterministic packet marking (DPM). The implementation and evaluation demonstrates that the FDPM needs moderately a small number of packets to complete the traceback process and requires little computation work; therefore this scheme is powerful to trace the IP packets. It can be applied in many security systems, such as DDoS defense systems, intrusion detection systems (IDS), forensic systems, and so on.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
