| Denial-of- Service (DoS) attack consumes network band width and resource through transmitting massive requests that need replies to the network and causes the network or the system paralysed to stop providing the normal network service. Distributed Denial-of-Service(DDoS) attack refers to the attack that massive Denial-of- Service attacks from many machines are initiated to the victim at the same time.lt commonly adopts the distributed and cooperative mode, the main aim is generally big network stations such as the commercial companies,search engines and the government department's stations. One set of controlled machines are imposed to initiate Denial-of- Service attacks to one machine swiftly and violently which brings great destructiveness. Most network attackers use spoofing IP address in a DDoS attack generally, which makes it very difficult for the victim to find the IP source of the attack.A larage number of IP traceback schemes have been proposed. The probabilistic packet marking putted forward by Savage has received extensive attention. But like the other IP traceback schemes,it only allows the victim to infer the origins of the attack, they are ,in general ,not able to block the attack or mitigate the effect of a DDoS attack while it is raging on. In this paper, A packet marking based active tracing model for DDoS attack is proposed. The model not only could infer the path which the attack flowed, but also could weaken the attack. The proposed scheme improves the throughput of legitimate traffic during DDoS attack by filtering out traffic that is more likely to come from an attacker than a legimate host.To make this distinction,it leverages on and extends IP traceback techniques to infer whether or not a network edge is on the attack path. The proposed scheme is introduced by dividing the model into two systems,the attack source tracing system and the attack flow filtering system according to the function. In the source tracing system, a marking scheme using adaptive probability packet marking is talked about, it can make sample distribute uniformity. At the same time, compression technology is used in the packet headers for extending the mark space, which can reduced time complex of path reconstruction. The attack flow filtering system divide the mark in the packet header into different types.The packet that have different type mark is passed by the different... |
PDF Full Text Request