—We propose a new approach for IP traceback which is scalable and simple to implement, and introduces no bandwidth and practically no processing overhead. It is backward compatible with equipment which does not implement it. The approach is capable of tracing back attacks, which are composed of just a few packets. In addition, a service provider can… (More)
— The rising threat of cyber attacks, especially distributed denial-of-service (DDoS), makes the IP Traceback problem very relevant to today's Internet security. IP Traceback is one of the security problems associated with identifying the source of the attack packets. This work presents a novel approach to IP Traceback-Deterministic Packet Marking (DPM).… (More)
In this article, we present a novel approach to IP Traceback – deterministic packet marking (DPM). 1 DPM is based on marking all packets at ingress interfaces. DPM is scalable, simple to implement, and introduces no bandwidth and practically no processing overhead on the network equipment. It is capable of tracing thousands of simultaneous attackers during… (More)
— 1 We propose a modification to the basic Determin-istic Packet Marking (DPM), a promising IP traceback scheme, to handle fragmented traffic. The modification introduces no additional bandwidth overhead, but limited additional memory requirements and processing overhead on the DPM-enabled interface.
1 In this article, we introduce the Internet deployment guidelines for Deterministic Packet Marking (DPM) – a novel IP traceback method. Unlike other packet marking schemes, DPM cannot be deployed sporadically on the Internet. Therefore, in order to perform the traceback, a structured way of deployment is needed. Related to topology and deployment issues,… (More)