Abstract

Recently, Distributed Denial of Service (DDoS) attacks have been threatening the Internet severely. Tracing IP packets back to their origins is an efficient and important part of the defense against those attacks. Currently two major kinds of IP traceback methods have been used for IP traceback in IPv6: packet marking and packet logging. IP traceback based on packet marking requires routers to write their identifiable information into the forwarded packets. It incurs little overhead on routers but needs a large number of packets to construct the complete attack path. IP traceback based on packet logging requires routers to store the digests of the forwarded packets. It only needs a few packets to construct the attack path but causes high storage overhead in routers. In this paper, we present a practical hybrid IP traceback method under IPv6 (PHIT-IPv6) which integrates packet marking and packet logging so as to obtain both of their advantages. We improved the practicality of DDoS traceback in that our method requires a less number of packets to conduct the traceback progress and reduces the storage overload of the intermediate routers for packet logging. We present both mathematical analysis and simulation of our method. The results show that our method can reduce the storage overhead by almost fifty percent and can also significantly decrease the number of packets for attack path construction.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.