About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Abstract
Identifying the source address of an IP packet is difficult with the IP protocol. Consequently it has been difficult to resolve distributed denial of service (DDoS) attacks on the Internet. This paper presents an autonomous system (AS) methodology for IP trace back based on the probabilistic packet marking (PPM) scheme. Although many PPM mechanisms have been proposed, almost all assume that all routers in the Internet support PPM. However, such an assumption is impractical for operational and deployment reasons. In this paper, we design an IP trace back technique that extends the architecture to a 32-bit AS number. Our proposed method combines the Internet topology and the PPM, which has not been previously discussed in detail. To discuss the optimum probability for packet marking, consideration of the network topology properties and the router load is necessary. We demonstrate our results by our implementation and verify that marking does not have an impact on performance. The results imply that we can calculate the optimum probability from only the topology property. In our calculations, the optimum probability of 0.092 is obtained. © 2011 IEEE.