This paper presents a dynamic probabilistic marking algorithm with multiple routing address tags, which allows the victim to traceback the origin of ICMP (Internet Control Message Protocol)-based direct and reflective DoS attacks. The proposed approach makes full use of scalable data space of ICMP packet to achieve multiple information tags. The difference between this proposal and previous proposals lies in two points. First, the number of packets needed by the victim to reconstruct the attack path is greatly reduced because of three key mechanisms: multi-tag, uniform leftover probability, and tag location choice based on the module of accommodated tag numbers within a packet. Second, the true origin of both direct and reflective ICMP-based DoS attacks can be traced.