Feasible DDoS attack source traceback scheme by deterministic multiple packet marking mechanism

  • S. Suresh
  • N. Sankar Ram


A main purpose of network security is to secure the system and its element parts from illegal access and misuse. Distributed denial of service (DDoS) attack is a crucial risk to the internet. A source traceback is a technology to control each and every computer crime. A feasible DDoS attack source traceback technique based on marking on demand (MOD) scheme is proposed to detect computer attack by using multiple packets for marking coding. In this proposed scheme, the MOD scheme is based on the deterministic multiple packet marking mechanism. Depending upon this finding, the proposed technique basically addresses the scalability issue of existing deterministic packet marking-based traceback schemes and perhaps to traceback to the individual cooperated computers more willingly than the present defined routers of attacking computers. Also, this technique is used to identify the malicious users who form the volume of traffic necessary to reject a service to computer user. To traceback the engaged attack source, there is a need to mark these engaged ingress routers by deterministic multiple packet marking mechanism. Simultaneously, the MOD server reports information of the marks and their connected requesting IP addresses. Once DDoS attack is proved, the victim will acquire attack sources through requesting MOD server by marks refined from attack packets. The confirmed DDoS attack is identified when it is higher than the tested threshold value. In this study, a mathematical model is established to prove the efficiency of the proposed source traceback technique in both real-world experiments and theoretical analysis. Extensive real-world experiments and theoretical analysis show that the proposed technique is efficient and feasible.


DDoS attack source traceback technique Deterministic multiple packet marking mechanism MOD 


  1. 1.
    Yu S, Zhou W, Jia W, Guo S, Xiang Y, Tang F (2012) Discriminating DDoS attacks from flash crowds using flow correlation coefficient. IEEE Trans Parallel Distrib Syst 23(6):794–805CrossRefGoogle Scholar
  2. 2.
    Yu S, Tian Y, Guo S, Wu D (2014) Can we beat DDoS attacks in cloud? IEEE Trans Parallel Distrib Syst 25(9):2245–2254CrossRefGoogle Scholar
  3. 3.
    Yu S, Zhou W, Doss R, Jia W (2011) Traceback of DDoS attacks using entropy variations. IEEE Trans Parallel Distrib Syst 22(3):412–425CrossRefGoogle Scholar
  4. 4.
    Kaur S, Kumar R, Gopal G (2016) DDOS attacks: trends, challenges and possible solutions. Int J Sci Res Dev 4(04):1225–1232Google Scholar
  5. 5.
    Belenky A, Ansari N (2003) IP traceback with deterministic packet marking. IEEE Commun Lett 7(4):162–164CrossRefGoogle Scholar
  6. 6.
    Revathi A, Vijayalakshmi J, Robin CRR (2017) An approach to traceback the IP packets dynamically in DDoS attack. Int J Latest Trends Eng Technol Special Issue NCRTCC, 026–031Google Scholar
  7. 7.
    Yu S, Doss R, Zhou W (2008) Information theory based detection against network behavior mimicking DDoS attacks. IEEE Commun Lett 12(4):319–321Google Scholar
  8. 8.
    Yu S, Guo S, Stojmenovic I (2015) Fool me if you can: mimicking attacks and anti-attacks in cyberspace. IEEE Trans Comput 64(1):139–151MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Yu S, Zhou W, Guo S, Guo M (2016) A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans Comput 65(5):1418–1427MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Belenky A, Ansari N (2007) On deterministic packet marking. Comput Netw 52(10):2677–2700CrossRefzbMATHGoogle Scholar
  11. 11.
    Xiang Y, Zhou W, Guo M (2008) Flexible deterministic packet marking: an IP traceback system to find the real source of attacks. IEEE Trans Parallel Distrib Syst 20(4):567–580CrossRefGoogle Scholar
  12. 12.
    Liu J, Lee Z, Chung Y (2007) Dynamic probabilistic packet marking for efficient IP traceback. Comput Netw 51:866–882CrossRefzbMATHGoogle Scholar
  13. 13.
    John A, Sivakumar T (2009) DDoS: survey of traceback methods. Int J Recent Trends Eng 1(2):241–245Google Scholar
  14. 14.
    Yu S et al (2015) A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans Comput 65:1–11MathSciNetGoogle Scholar
  15. 15.
    Parameswari M, Sukumaran S (2016) Dynamic detection and protection mechanism against distributed denial of service attacks using fuzzy logic. Int J Appl Eng Res 4(7):5332–5337Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Department of Information Technology, Faculty of CSESathyabama Institute of Science and TechnologyChennaiIndia
  2. 2.Department of CSESriram Engineering CollegeChennaiIndia

Personalised recommendations