IP traceback-based intelligent packet filtering: A novel technique for defending against internet DDoS attacks

IEEE Transactions on Parallel and Distributed Systems

Volumn 14, Issue 9, 2003, Pages 861-872

  Sung, Minho ^a   Xu, Jun ^a  

^a Georgia Institute of Technology   (United States)

Author keywords

Distributed denial of service (DDoS); IP traceback; Performance modeling and simulation

Indexed keywords

COMPUTER SIMULATION; INTERNET; NETWORK PROTOCOLS; PACKET SWITCHING; PROBABILITY; SIGNAL FILTERING AND PREDICTION; TELECOMMUNICATION TRAFFIC;

DISTRIBUTED DENIAL OF SERVICE; INTELLIGENT PACKET FILTERING; INTERNET PROTOCOL TRACEBACK;

SECURITY OF DATA;

EID: 0142039750     PISSN: 10459219     EISSN: None     Source Type: Journal    
DOI: 10.1109/TPDS.2003.1233709     Document Type: Article

References (25)

1. L. Garber, "Denial-of-Service Attacks Rip the Internet," Computer, vol. 33, no. 4, pp. 12-17, Apr. 2000.
2. H. Burch and B. Cheswick, "Tracing Anonymous Packets to Their Approximate Source," Proc. Usenix LISA Conf., Dec. 2000.
3. D. Dean, M. Franklin, and A. Stubblefield, "An Algebraic Approach to IP Traceback," Proc. Network and Distributed System Security Symp., pp. 3-12, Feb. 2001.
4. S. Savage, D. Wetherall, A. Karlin, and T. Anderson, "Practical Network Support for IP Traceback," Proc. ACM SIGCOMM, pp. 295-306, Aug. 2000.
5. D. Song and A. Perrig, "Advanced and Authenticated Marking Schemes for IP Traceback," Proc. Infocom, Apr. 2001.
6. D. Doeppner, P. Klein, and A. Koyfman, "Using Router Stamping to Identify the Source of IP Packets," Proc. ACM Conf. Computer and Comm. Security, pp. 184-189, Nov. 2000.
7. A. Snoeren et al., "Hash-Based IP Traceback," Proc. ACM Sigcomm, Aug. 2001.
8. S. Bellovin, "Internet Draft: ICMP Traceback Messages," technical report, Network Working Group, Mar. 2000.
9. R. Mahajan, S. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker, "Controlling High Bandwidth Aggregates in the Network," technical report, ACIRI and AT&T Labs Research, Feb. 2001.
10. B. Cheswick, "Internet Mapping," available at http://cm.bell-labs.com/who/ches/map/dbs/index.html, 1999.
11. B. Bloom, "Space/Time Trade-Offs in Hash Coding with Allowable Errors," Comm, ACM, vol. 13, no. 7, pp. 422-426, 1970.
12. Caida's Skitter Project Web Page, http://www.caida.org/Tools/Skitter/, 2003.
13. Akamai Technologies Inc., http://www.akamai.com/, 2003.
14. J. Xu and W. Lee, "Sustaining Availability of Web Services under Severe Denial of Service Attacks," IEEE Trans. Computers, vol. 52, no. 2, Feb. 2003.
15. P. Karn and W. Simpson, "Photuris: Session-Key Management Protocol," IETF RFC 2522, Mar. 1999.
16. J. Howard, "An Analysis of Security Incidents on the Internet," PhD thesis, Carnegie Mellon Univ., Aug. 1998.
17. CERT, "TCP SYN Flooding and IP Spoofing Attacks," Advisory CA-96.21, Sept. 1996.
18. A. Juels and J. Brainard, "Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks," Proc. Network and Distributed System Security Symp., Mar. 1999.
19. C. Schuba et al., "Analysis of a Denial of Service Attack on TCP," Proc. IEEE Symp. Security and Privacy, 1997.
20. Checkpoint Inc., "TCP SYN Flooding Attack and the Firewall-1 Syndefender," http://www.checkpoint.com/products/firewall-1/syndefender.html, 1997.
21. F. Kargl, J. Maier, S. Schlott, and M. Weber, "Protecting Web Servers from Distributed Denial of Service Attacks," Proc. World Wide Web Conf., May 2001.
22. D.K.Y. Yau, J.C.S. Lui, and F. Liang, "Defending against Distributed Denial-of-Service Attacks with Max-Min Fair Server-Centric Router Throttles," Proc. IEEE Int'l Workshop Quality of Service, May 2002.
23. A. Yaar, A. Perrig, and D. Song, "PI: A Path Identification Mechanism to Defend against DDoS Attacks," Proc. IEEE Symp. Security and Privacy, May 2003.
24. P. Ferguson, "Network Ingress Filtering: Defeating Denial of Service Attacks which Employ IP Source Address Spoofing," RFC 2267, Jan. 1998.
25. K. Park and H. Lee, "On the Effectiveness of Route-Based Packet Filtering for Distributed DOS Attack Prevention in Power-Law Internets," Proc. ACM Sigcomm, Aug. 2001.