A Stateless Traceback Technique for Identifying the Origin of Attacks From a Single Packet
Anonymity is one of the main motivations for conducting denial-of-service attacks. Currently, there is no mechanism to either identify the true source of an IP packet or to prove its authenticity. In this paper, the authors propose a stateless IP traceback technique that identifies the origin network of each individual packet. They show that the proposed traceback system is the only one that scales with the number of attackers and also satisfies practical requirements, such as no state stored at routers and a header overhead (25 bits) that can be allocated in IPv4 header. The proposed system exploits the customer-provider hierarchy of the Internet at Autonomous System (AS) level and introduces the idea of checkpoints, which are the two most important nodes in an AS-level path.