基于拓扑的分组标记

Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969) Pub Date : 2004-10-11 DOI:10.1109/ICCCN.2004.1401609

Basheer Al-Duwairi, Thomas E. Daniels

{"title":"基于拓扑的分组标记","authors":"Basheer Al-Duwairi, Thomas E. Daniels","doi":"10.1109/ICCCN.2004.1401609","DOIUrl":null,"url":null,"abstract":"Recently, several schemes have been proposed for IP traffic source identification for tracing attacks that employ source address spoofing such as denial of service (DoS) attacks. Most of these schemes are based on packet marking (i.e., augmenting IP packets with partial path information). A major challenge to packet marking schemes is the limited space available in the IP header for marking purposes. In this paper, we focus on this issue and propose a topology based encoding schemes supported by real Internet measurements. In particular, we propose an idealized deterministic edge append scheme in which we assume that the IP header can be modified to include the marking option field of fixed size. Also, we propose a deterministic pipelined packet marking scheme that is backward compatible with IPv4 (i.e., no IP header modification). The validity of both schemes depends directly on the statistical information that we extract from large data sets that represent Internet maps. Our studies show that it is possible to encode an entire path using 52 bits","PeriodicalId":229045,"journal":{"name":"Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969)","volume":"134 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":"{\"title\":\"Topology based packet marking\",\"authors\":\"Basheer Al-Duwairi, Thomas E. Daniels\",\"doi\":\"10.1109/ICCCN.2004.1401609\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, several schemes have been proposed for IP traffic source identification for tracing attacks that employ source address spoofing such as denial of service (DoS) attacks. Most of these schemes are based on packet marking (i.e., augmenting IP packets with partial path information). A major challenge to packet marking schemes is the limited space available in the IP header for marking purposes. In this paper, we focus on this issue and propose a topology based encoding schemes supported by real Internet measurements. In particular, we propose an idealized deterministic edge append scheme in which we assume that the IP header can be modified to include the marking option field of fixed size. Also, we propose a deterministic pipelined packet marking scheme that is backward compatible with IPv4 (i.e., no IP header modification). The validity of both schemes depends directly on the statistical information that we extract from large data sets that represent Internet maps. Our studies show that it is possible to encode an entire path using 52 bits\",\"PeriodicalId\":229045,\"journal\":{\"name\":\"Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969)\",\"volume\":\"134 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCCN.2004.1401609\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCN.2004.1401609","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 30

摘要

近年来，人们提出了几种IP流量源识别方案，用于跟踪利用源地址欺骗的攻击，如拒绝服务攻击。这些方案大多基于数据包标记(即，用部分路径信息增加IP数据包)。数据包标记方案的一个主要挑战是IP标头中用于标记的可用空间有限。本文针对这一问题，提出了一种基于拓扑的编码方案，该方案支持真实的互联网测量。特别是，我们提出了一种理想化的确定性边缘附加方案，其中我们假设IP报头可以修改以包含固定大小的标记选项字段。此外，我们提出了一种确定性的管道数据包标记方案，该方案向后兼容IPv4(即，不修改IP头)。这两种方案的有效性直接取决于我们从代表互联网地图的大型数据集中提取的统计信息。我们的研究表明，用52位编码整个路径是可能的

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Topology based packet marking

Recently, several schemes have been proposed for IP traffic source identification for tracing attacks that employ source address spoofing such as denial of service (DoS) attacks. Most of these schemes are based on packet marking (i.e., augmenting IP packets with partial path information). A major challenge to packet marking schemes is the limited space available in the IP header for marking purposes. In this paper, we focus on this issue and propose a topology based encoding schemes supported by real Internet measurements. In particular, we propose an idealized deterministic edge append scheme in which we assume that the IP header can be modified to include the marking option field of fixed size. Also, we propose a deterministic pipelined packet marking scheme that is backward compatible with IPv4 (i.e., no IP header modification). The validity of both schemes depends directly on the statistical information that we extract from large data sets that represent Internet maps. Our studies show that it is possible to encode an entire path using 52 bits

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings. 13th International Conference on Computer Communications and Networks (IEEE Cat. No.04EX969)

自引率

0.00%

发文量