Abstract
The ideal defense against cyberattacks like DDoS is filtering at their Point-of-Presence (POP). But it is difficult to find out the original POP of an IP packet/flow in a network, especially in IP-spoofing and partial probe deployment scenarios. In this paper, we propose an IP traceback architecture, Route Path Detection for IP Traceback (RPDT). It utilizes the route path information and logging digests of probes to reconstruct the path traversed by attack packets. Two node selection algorithms are designed to optimize the partial probe deployment of RPDT, Vertex Cover Improved by Degree (VCID) and Slack Path Cover (SPC), respectively. The experiments in mininet show that RPDT with either algorithm can deploy limited number of probes for traceback while preserving appreciable performance, which is favorable for Internet Service Providers (ISPs) to save deployment expenditure.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
