Oxford University Press
Distributed denial-of-service attack is one of the most pressing security problems that the Internet community needs to address. Two major requirements for effective traceback are to quickly and accurately locate potential attackers and to filter attack packets so that a host can resume the normal service to legitimate clients. Most of the existing IP traceback techniques focus on tracking the location of attacker's after-the-fact. In this paper, the authors provide an efficient methodology for locating potential attackers who employ the flood-based attack.