The Research Of The Packet Marking Algorithm For IP Traceback

With the fast development of information technology, human society has enteredthe information age. Currently, the worldwide Internet is infiltrated all aspects of oursocial life at an alarming rate, and it has become an indispensable part of popular life.However, the network brings us convenient as well as hazards. As people increasinglydependent on computer networks, the network security issues are also increasinglyprominent. DDoS attacks was undoubtedly the most serious hazards in hackers attack,hackers create high flow of useless data, resulting in network congestion, the victimhost can not communicate properly with the outside world. The package markingresearched in this paper is DDoS attack source tracing technologies, it can help thevictims to trace the source of the packet in time when the DDoS is occurring, so thevictim can take measures as soon as possible to reduce losses.This article first describes the basic principles of DDoS attacks and the methodsof IP tracking, then analysis the packet marking technique and compared theperformance of various predominant packet marking algorithms. According to theshortcomings of the algorithms, this paper proposed solutions one by one.According to the characteristics of a DDoS attacks, the paper design a newpacket marking models, from the process of the router markint packets to the victimsreconstruction of attack path, we made a big improvement to the traditional packetmarking algorithm. To reduce the computational of path reconstruction and hashoperations, we put the check code directly behind the IP addresses. Because thenumber of packets used to carry complete router information is reduced, the numberof combinations naturally reduced in the subsequent verification process. In order toreduce false positives, we take full advantage of the topology information, and reducethe computational through the marking process improvement. Besides that, weabandon the previous fixed probability marking methods, using variable probability,that is, router dynamically select a probability according marking state to markpackets, so that each router information appears at roughly the same probability in thevictim. This method makes the demand packets into the lowest for victims.Finally, we compare the demand of data packets of the variable probability andfixed probability of packet marking throuth experiment, and validate the performanceof the model.