Network support for IP traceback

Top Cited Papers

1 June 2001

journal article
research article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE/ACM Transactions on Networking

Vol. 9 (3), 226-237
https://doi.org/10.1109/90.929847

Abstract

This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back toward their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or "spoofed," source addresses. We describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet service providers (ISPs). Moreover, this traceback can be performed "post mortem"-after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backward compatible, and can be efficiently implemented using conventional technology.

Keywords

This publication has 22 references indexed in Scilit:

A formal framework and evaluation method for network denial of service
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
An algebraic approach to IP traceback
ACM Transactions on Information and System Security, 2002
MPLS Label Stack Encoding
Published by RFC Editor ,2001
Internet Protocol, Version 6 (IPv6) Specification
Published by RFC Editor ,1998
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications, 1998
End-to-end routing behavior in the Internet
IEEE/ACM Transactions on Networking, 1997
IP Mobility Support
Published by RFC Editor ,1996
Path MTU discovery
Published by RFC Editor ,1990
Fragmentation considered harmful
ACM SIGCOMM Computer Communication Review, 1987
Internet Protocol
Published by RFC Editor ,1981

Cited by 488 articles