Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Tracing Multiple Attackers with Deterministic Packet Marking (DPM)

Summary: Tracing Multiple Attackers with Deterministic
Packet Marking (DPM)
Andrey Belenky and Nirwan Ansari
Advanced Networking Laboratory, ECE Department, NJIT, Newark, NJ 07102, USA
Email: avb0168@oak.njit.edu, Nirwan.Ansari@NJIT.EDU
Abstract-- The rising threat of cyber attacks, especially dis-
tributed denial-of-service (DDoS), makes the IP Traceback prob-
lem very relevant to today's Internet security. IP Traceback
is one of the security problems associated with identifying
the source of the attack packets. This work presents a novel
approach to IP Traceback - Deterministic Packet Marking
(DPM). The proposed approach is scalable, simple to implement,
and introduces no bandwidth and practically no processing
overhead on the network equipment. It is capable of tracing
thousands of simultaneous attackers during DDoS attack. All of
the processing is done at the victim. The traceback process can
be performed post-mortem, which allows for tracing the attacks
that may not have been noticed initially. The involvement of the
Internet service providers (ISP) is very limited, and changes to
the infrastructure and operation required to deploy DPM are


Source: Ansari, Nirwan - Department of Electrical and Computer Engineering, New Jersey Institute of Technology


Collections: Engineering