Topology-assisted deterministic packet marking for IP traceback

来源 :The Journal of China Universities of Posts and Telecommunica | 被引量 : 0次 | 上传用户:kuakua01
下载到本地 , 更方便阅读
声明 : 本文档内容版权归属内容提供方 , 如果您对本文有版权争议 , 可与客服联系进行内容授权或下架
论文部分内容阅读
A novel deterministic packet marking (DPM) for IP traceback against denial of service (DoS) and distributed denial of service (DDoS) attacks is presented,which features good scalability and high accuracy. In this scheme,an ingress router pre-calculates a Hash of its IP address and splits the Hash into several fragments. When marking a packet,the router randomly selects a fragment to mark into the packet. In the traceback stage the victim identifies the marked router with the help of the map of its upstream routers. Based on the map,the victim can identify a candidate ingress router after receiving only several marked packets. The scheme overcomes defects in previous deterministic packet marking schemes,where too much packets are required to recover a router and high false positive rate occurs in case of large-scale DDoS. Theoretical analysis,the pseudo code and experimental results are provided. The scheme is proved to be accurate and efficient and can handle large-scale DDoS attacks. A novel deterministic packet marking (DPM) for IP traceback against denial of service (DoS) and distributed denial of service (DDoS) attacks is presented, which features good scalability and high accuracy. In this scheme, an ingress router pre-compute a Hash of its IP address and splits the Hash into several fragments. When the traceback stage the victim identifies the marked router with the help of the map of its upstream routers. Based on the map, the victim can identify a candidate ingress router after receiving only several marked packets. The scheme overcomes defects in previous deterministic packet marking schemes. Where too much packets are required to recover a router and high false positive rate occurs in case of large-scale DDoS. Theoretical analysis, the pseudo code and experimental results are provided. The scheme is proved to be accurate and efficient and can handle large-scale DDoS attacks.
其他文献
随着校园网应用的不断发展,校园网在高校的教学、科研、管理中发挥着越来越大的作用,校园网面临的安全问题也日益突出。本文从校园网存在的安全问题进行分析,建立起一套真正
目的了解肺结核可疑症状者在县级及乡镇的就诊情况。方法在贵州省的8个乡镇选取150例肺结核可疑症状者进行问卷调查。结果到县级就诊“治疗的机会成本”是到乡镇的16.8倍,58.
上榜理由:中国移动一直以创新闻名,然而,Jego和飞聊的失利引发了外界对中国移动创新能力的质疑,并将关注焦点转向国企内部创新体制。  一个巨型的国企,一个属于“旧时代”的电信运营商,能否跟上移动互联网的发展进程,推出具有市场影响力的自主创新产品?2013年,中国移动的内部创新失败,对这个问题给出了一个负面的回答。  2013年6月1日,中国移动的网络电话应用Jego正式上线。手机用户安装Jego软
Quorum systems have been used to solve the problem of data consistency in distributed fault-tolerance systems. But when intrusions occur, traditional quorum sys
曾经送给妻子无数个礼物,大到钻戒电脑,小到围脖手套。妻子说,她最爱的是我送她的那套珍贵邮票。那是2008年3月19日,我意外地收到了中国农垦编辑部寄来的获奖证书和一套精美
《大数据时代:生活、工作与思维的大变革》推荐词:不经意间,互联网、社交网络、电子商务与移动通讯已经把人类社会带入了一个结构与非结构数据信息的新时代,一个大规模生产、
目的探讨脑卒中后低钠血症患者临床治疗。方法选择该院2009年5月—2012年1月收治的脑卒中后并发低钠血症的患者40例,对其临床资料进行回顾性分析。结果该研究所选择的40例患
“喂,陆主任吗?你公司总经理姜国平当选盐城市优秀企业家,需要一篇他的人物通讯稿,这个月底报来。”2012年3月中旬的一天,当我接到上级领导的通知,头“嗡”地一下大了起来。
随着计算机技术及网络的普及,网络安全问题也日益突出。本文主要对网络入侵检测进行探讨。 With the popularization of computer technology and network, network securit
现症病人治疗,是预防控制疟疾流行的重要一环。为了解疟疾现症病人治疗的问题,现对2008年5月1日至9月1日在我院治疗的73例疟疾病例分析如下。1资料与方法1.1对象治疗病人均为