Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Information-Theoretic Foundation

Tracing attack packets to their sources, known as IP traceback, is an important step to counter Distributed Denial-of-Service (DDoS) attacks. In this paper, the authors propose a novel packet logging based (i.e., hash-based) traceback scheme that requires an order of magnitude smaller processing and storage cost than the hash-based scheme proposed by the researchers thereby being able to scalable to much higher link speed (e.g. OC-768). The baseline idea of their approach is to sample and log a small percentage (e.g. 3.3%) of packets.

Provided by: Institute of Electrical & Electronic Engineers Topic: Security Date Added: Dec 2008 Format: PDF

Find By Topic