Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
226 IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 9, NO. 3, JUNE 2001 Network Support for IP Traceback
 

Summary: 226 IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 9, NO. 3, JUNE 2001
Network Support for IP Traceback
Stefan Savage, David Wetherall, Member, IEEE, Anna Karlin, and Tom Anderson
Abstract--This paper describes a technique for tracing anony-
mous packet flooding attacks in the Internet back toward their
source. This work is motivated by the increased frequency and
sophistication of denial-of-service attacks and by the difficulty in
tracing packets with incorrect, or "spoofed," source addresses. In
this paper, we describe a general purpose traceback mechanism
based on probabilistic packet marking in the network. Our ap-
proach allows a victim to identify the network path(s) traversed
by attack traffic without requiring interactive operational support
from Internet Service Providers (ISPs). Moreover, this traceback
can be performed "post mortem"--after an attack has completed.
We present an implementation of this technology that is incremen-
tally deployable, (mostly) backward compatible, and can be effi-
ciently implemented using conventional technology.
Index Terms--Computer network management, computer
network security, network servers, stochastic approximation,
wide-area networks.

  

Source: Anderson, Tom - Department of Computer Science and Engineering, University of Washington at Seattle

 

Collections: Computer Technologies and Information Sciences