Adjusted Probabilistic Packet Marking for

Abstract

Distributed denial-of-service attack is one of the greatest threats to the Internet today. One of the biggest diiculties in defending against this attack is that attackers always use incorrect, or \spoofed" IP source addresses to disguise their true origin. In this paper, we present a packet marking algorithm which allows the victim to traceback the approximate origin of spoofed IP packets. The diierence between this proposal and previous proposals lies in two points. First, we develop three techniques to adjust the packet marking probability, which signii-cantly reduces the number of packets needed by the victim to reconstruct the attack path. Second, we give a detailed analysis of the vulnerabilities of probabilistic packet marking, and describe a version of our adjusted probabilistic packet marking scheme whose performance is not aaected by spoofed marking elds.

Extracted Key Phrases

Cite this paper

@inproceedings{Peng2002AdjustedPP, title={Adjusted Probabilistic Packet Marking for}, author={Tao Peng and Christopher Leckie and Kotagiri Ramamohanarao}, year={2002} }