Sciweavers

CCS
2007
ACM

Non-intrusive IP traceback for DDoS attacks

13 years 9 months ago
Non-intrusive IP traceback for DDoS attacks
The paper describes a Non-Intrusive IP traceback scheme which uses sampled traffic under non-attack conditions to build and maintains caches of the valid source addresses transiting network routers. Under attack conditions, route anomalies are detected by determining which routers have been used for unknown source addresses, in order to construct the attack graph. Results of simulation studies are presented. Our approach does not require changes to the Internet routers or protocols. Precise information regarding the attack is not required allowing a wide variety of DDoS attack detection techniques to be used. Our algorithm is simple and efficient, allowing for a fast traceback and the scheme is scalable due to the distribution of processing workload. Keywords Distributed Denial of Service Attacks, IP Traceback
Vrizlynn L. L. Thing, Morris Sloman, Naranker Dula
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CCS
Authors Vrizlynn L. L. Thing, Morris Sloman, Naranker Dulay
Comments (0)