An Enhanced Deterministic Flow Marking Technique to Efficiently Support Detection of Network Spoofing Attacks.

Van Tuyen Dang, Thu Huong Truong, Huu Thanh Nguyen, Tai Hung Nguyen, Bart Puype, Didier Colle, Kris Steenhaut

Onderzoeksoutput: Conference paper

Samenvatting

In order to detect and prevent DoS/DDoS attacks that exploit IP address spoofing, the IP traceback technique has been introduced and developed with variety of methods including packet marking. By means of inserting marking information on the travel path into rarely used fields in the header of IP packets, the destination host can trace back the original-source location of received packets, which is useful for supporting detection of attacks. Many schemes of packet marking IP traceback have been proposed, but still have nevertheless some drawbacks such as low traceback rate, heavy computational overhead due to high-required number of marked packets and marking size. In this paper, we proposed PLA DFM, a novel efficient enhanced solution of Deterministic Flow Marking based on adaptation with real traffic characteristics. The analytic result shows that the proposed solution provides a far higher successful mark rate, lower computational overhead compared to the original scheme and other marking techniques with unnoticeable increased traffic size.
Originele taal-2English
TitelOctober 15-17, 2014
Plaats van productieHanoi, Vetnam
UitgeverijIEEE Explore
Aantal pagina's6
StatusPublished - 2014
EvenementInternational Conference on Advanced Technologies for Communications, ATC 2014 - Hanoi, Viet Nam
Duur: 15 okt 201417 okt 2014

Conference

ConferenceInternational Conference on Advanced Technologies for Communications, ATC 2014
Land/RegioViet Nam
StadHanoi
Periode15/10/1417/10/14

Citeer dit