Flexible Deterministic Router and Interface Marking for IP Traceback
IP traceback involves identifying the actual source of a packet across the Internet. By identifying the real source address in packets, network security system can smartly protect the victim hosts and mitigate the attacks. Packet marking is the most important method of source identification using IP traceback and there are many variations. In this paper, the authors propose a modification to their previous capable IP traceback scheme, Deterministic Router and Interface Marking (DRIM), to handle fragmented traffic as well. The modification introduces nominal additional bandwidth overhead, with no additional memory requirements and processing overhead on the DRIM-enabled interface and also reduces the problem of false positives.