Branch Label Based Probabilistic Packet Marking for Counteracting DDoS Attacks
Summary :
Effective counteraction to Distributed Denial-of-Services (DDoS) attacks is a pressing problem over the Internet. For this counteraction, it is considered important to locate the router interfaces closest to the attackers in order to effectively filter a great number of identification jammed packets with spoofed source addresses from widely distributed area. Edge sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source IP spoofing, which usually accompanies DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessary number of packets, path calculation time and identification accuracy. We propose Branch Label (BL) based PPM to solve the above inefficiency problem. In BL, a whole single path information is marked in a packet without fragmentation in contrast to ES based PPM. The whole path information in packets by the BL approach is expressed with branch information of each router interfaces. This brings the following three key advantages in the process of detecting the interfaces: quick increase in true-positives detected (efficiency), quick decrease in false-negatives detected (accuracy) and fast convergence (quickness).
- Publication
- IEICE TRANSACTIONS on Communications Vol.E87-B No.7 pp.1900-1909
- Publication Date
- 2004/07/01
- Publicized
- Online ISSN
- DOI
- Type of Manuscript
- Special Section PAPER (Special Section on Next Generation Networks Software)
- Category
- Security Issues
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Toshiaki OGAWA, Fumitaka NAKAMURA, Yasushi WAKAHARA, "Branch Label Based Probabilistic Packet Marking for Counteracting DDoS Attacks" in IEICE TRANSACTIONS on Communications,
vol. E87-B, no. 7, pp. 1900-1909, July 2004, doi: .
Abstract: Effective counteraction to Distributed Denial-of-Services (DDoS) attacks is a pressing problem over the Internet. For this counteraction, it is considered important to locate the router interfaces closest to the attackers in order to effectively filter a great number of identification jammed packets with spoofed source addresses from widely distributed area. Edge sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source IP spoofing, which usually accompanies DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessary number of packets, path calculation time and identification accuracy. We propose Branch Label (BL) based PPM to solve the above inefficiency problem. In BL, a whole single path information is marked in a packet without fragmentation in contrast to ES based PPM. The whole path information in packets by the BL approach is expressed with branch information of each router interfaces. This brings the following three key advantages in the process of detecting the interfaces: quick increase in true-positives detected (efficiency), quick decrease in false-negatives detected (accuracy) and fast convergence (quickness).
URL: https://global.ieice.org/en_transactions/communications/10.1587/e87-b_7_1900/_p
Copy
@ARTICLE{e87-b_7_1900,
author={Toshiaki OGAWA, Fumitaka NAKAMURA, Yasushi WAKAHARA, },
journal={IEICE TRANSACTIONS on Communications},
title={Branch Label Based Probabilistic Packet Marking for Counteracting DDoS Attacks},
year={2004},
volume={E87-B},
number={7},
pages={1900-1909},
abstract={Effective counteraction to Distributed Denial-of-Services (DDoS) attacks is a pressing problem over the Internet. For this counteraction, it is considered important to locate the router interfaces closest to the attackers in order to effectively filter a great number of identification jammed packets with spoofed source addresses from widely distributed area. Edge sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source IP spoofing, which usually accompanies DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessary number of packets, path calculation time and identification accuracy. We propose Branch Label (BL) based PPM to solve the above inefficiency problem. In BL, a whole single path information is marked in a packet without fragmentation in contrast to ES based PPM. The whole path information in packets by the BL approach is expressed with branch information of each router interfaces. This brings the following three key advantages in the process of detecting the interfaces: quick increase in true-positives detected (efficiency), quick decrease in false-negatives detected (accuracy) and fast convergence (quickness).},
keywords={},
doi={},
ISSN={},
month={July},}
Copy
TY - JOUR
TI - Branch Label Based Probabilistic Packet Marking for Counteracting DDoS Attacks
T2 - IEICE TRANSACTIONS on Communications
SP - 1900
EP - 1909
AU - Toshiaki OGAWA
AU - Fumitaka NAKAMURA
AU - Yasushi WAKAHARA
PY - 2004
DO -
JO - IEICE TRANSACTIONS on Communications
SN -
VL - E87-B
IS - 7
JA - IEICE TRANSACTIONS on Communications
Y1 - July 2004
AB - Effective counteraction to Distributed Denial-of-Services (DDoS) attacks is a pressing problem over the Internet. For this counteraction, it is considered important to locate the router interfaces closest to the attackers in order to effectively filter a great number of identification jammed packets with spoofed source addresses from widely distributed area. Edge sample (ES) based Probabilistic Packet Marking (PPM) is an encouraging method to cope with source IP spoofing, which usually accompanies DDoS attacks. But its fragmentation of path information leads to inefficiency in terms of necessary number of packets, path calculation time and identification accuracy. We propose Branch Label (BL) based PPM to solve the above inefficiency problem. In BL, a whole single path information is marked in a packet without fragmentation in contrast to ES based PPM. The whole path information in packets by the BL approach is expressed with branch information of each router interfaces. This brings the following three key advantages in the process of detecting the interfaces: quick increase in true-positives detected (efficiency), quick decrease in false-negatives detected (accuracy) and fast convergence (quickness).
ER -
English
