Two Novel Packet Marking Schemes for IP Traceback
Two novel packet marking schemes, the non-Repeated Varying-Probability Packet Marking (nRVPPM) and the Compressed non-Repeated Varying-Probability Packet Marking (CnRVPPM), are presented. To solve the repeated marking problem, we propose in the nRVPPM that one packet is marked by routers only one time with the probability which is varying with the distance the packet has traveled. Besides, the nRVPPM makes the victim receives the packets marked by each router with the same probability. Based on the nRVPPM, we bring forward the CnRVPPM by employing the redundancy brought about by the similarity of IP addresses. Our simulation studies show that the proposed schemes offer high precision and efficiency, and can dramatically reduce the number of packets required for the traceback.
KeywordsForwarding Path Attack Path Packet Marking Attack Source Probabilistic Packet Marking
Unable to display preview. Download preview PDF.
- 1.Belenky, A., Ansari, N.: On IP Traceback. IEEE Communications Magazine (July 2003)Google Scholar
- 2.Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical Network Support for IP Traceback. In: Proceedings of the 2000 ACM SIGCOMM Conference (August 2000)Google Scholar
- 3.Boneh, A., Hofri, M.: The Coupon-collector Problem Revisited [J]. Commun. Statist. Stochastic Models 13 (1997)Google Scholar
- 5.Theilmann, W., Rothermel, K.: Dynamic Distance Maps of the Internet. In: Proceedings of the 2000 IEEE INFOCOM Conference (March 2000)Google Scholar