Effectiveness of advanced and authenticated packet marking scheme for traceback of denial of service attacks
Distributed denial-of-service attack is one of the greatest threats to the Internet today. One of the biggest diiculties in defending against this attack is that attackers always use incorrect, or \spoofed" IP source addresses to disguise their true origin. In this paper, we present a packet marking algorithm which allows the victim to traceback the approximate origin of spoofed IP packets. The diierence between this proposal and previous proposals lies in two points. First, we develop three techniques to adjust the packet marking probability, which signii-cantly reduces the number of packets needed by the victim to reconstruct the attack path. Second, we give a detailed analysis of the vulnerabilities of probabilistic packet marking, and describe a version of our adjusted probabilistic packet marking scheme whose performance is not aaected by spoofed marking elds.