Abstract
Since adversaries may spoof their source IPs in their attacks, traceback schemes have been proposed to identify the attack source. Among these methods, Hybrid IP traceback schemes fuse packet marking and packet logging, using only one packet for traceback and reducing the storage requirements during packet logging. However, if a hybrid traceback scheme logs a packet's digests on a router, the router's storage requirements will increase with the packet numbers. Its storage requirements cannot be bounded. Thus, we propose a 16-bit single packet hybrid IP traceback scheme. In our logging, the storage requirements can be bounded by the number of routes. And our marking can guarantee that fragmented packets can be re-assembled at the destination. Thus, compared with existing hybrid traceback schemes, our proposed scheme has higher accuracy in source tracking and has lower storage requirements for the routers.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
