| With the rapid development of computer network, network security issues become more and more important. Distributed denial of service attack(DDoS) is among the hardest network security problems because it is easy to launch and difficult to defend and trace. Therefore, research on DDoS attack and its countermeasures is very significant.In this paper, DDoS attack and countermeasures are discussed in depth, which aims to attain the effect of all-around defence from detection to traceback, and particularly certain results are achieved in puting forward a new packet marking scheme.At first we study the principle of DDoS attack and countermeasures of detection and traceback, and make thorough researchs on PPM and DPM. By analyzing advantages and disadvantages of them, DPM can avoid many PPM problems and is more practical.This paper analyzes the feature of DDoS and currently available traceback schemes, and from the practical point of view proposes adaptive packet marking schema based on flow sequence which combines with the advantages of PPM and APM. It is referred as FAPM. Compared with DPM, our scheme introduces the probability into marking strategy. The border router can adjust marking probability according to its load and it is sensitive to attack flows in all forwarding packets. The simulation results indicate that FAPM can ease router load, in the other hand can reduce numbers of reconstruction packets and can trace the attack subnet address with lower false rate. At the same time, FAPM supports the deployment step by step, and as growing numbers of ISP, it will form the boundary and can trace the whole Internet.Most existing packet marking schemes are implemented in IPv4, so the selection of marking domain, the analysis of protocol compatibility and deployment issues in IPv6 will be studied and explored in this paper. |
PDF Full Text Request