On design and evaluation of "intention-driven" ICMP traceback

Authors: A. Mankin, D. Massey, Chien-Lung Wu, S.F. Wu, Lixia Zhang

DOI: 10.1109/ICCCN.2001.956234

Abstract: Since late 1999, DDoS (distributed denial of service) attacks have drawn much attention from both the research and industry communities. Many potential solutions (e.g., ingress filtering, packet marking or tracing, aggregate-based congestion control, rate limiting) have been proposed to handle this network bandwidth consumption attack. Among them, "ICMP traceback (iTrace)" is currently being considered as a standard by the IETF (Internet Engineering Task Force). While the idea of iTrace is very clever, efficient, reasonably secure and practical, it suffers from a serious statistical problem: the chance of "useful" and "valuable" messages can be extremely small against various types of attacks. This implies that most of the resources spent on generating and utilizing them will be wasted. Therefore, we propose a simple enhancement called "intention-driven" iTrace, which conceptually introduces an extra bit in the routing and forwarding process. With the new "intention-bit", it is shown, through our simulation study, that performance improves dramatically. work IETF's ICMP Trace-Back working group.
