Optimal Path Identification to Defend Against Ddos Attacks
Guang JIN
.
    PDF         950 Downloads   1,591 Views  

Abstract

A novel packet marking scheme, optimal path identification (OPi), was proposed to defend against DDoS at­tacks. Instead of using fixed 1 or 2 bit in previous schemes, in OPi a router deduces the traveling distance of an arrived packet by its TTL value and inserts a variable-length marking of 1~16 bit into the packet. The marking field is filled completely even the path is very short and the distinguishability is improved. OPi outperforms previous schemes, espe­cially when attacker paths adjoin user paths seriously. To obtain better performance, an OPi+TTL filtering strategy was proposed to frustrate attackers’ tries with spoofed initial TTL values. Theoretical analyses and simulations with actual Internet topologies show OPi performs excellently.

Share and Cite:

G. JIN, "Optimal Path Identification to Defend Against Ddos Attacks," Communications and Network, Vol. 1 No. 1, 2009, pp. 17-24.

Conflicts of Interest

The authors declare no conflicts of interest.

Journals Menu
Follow SCIRP
Contact us
+1 323-425-8868
customer@scirp.org
WhatsApp +86 18163351462(WhatsApp)
Click here to send a message to me 1655362766
Paper Publishing WeChat

Copyright © 2024 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.