IP Traceback Technology Defending Against Single Packet And Distributed Denial Of Service

According to the data showed that China's current number of netizens has exceeded 710 million.In the meantime some hackers have been accused recently of making money through illegal activities,because of the safety hidden trouble and lack of keeping away policy of the system.DoS(Denial Of Service)attacks have surfaced within.It has good concealment and there is little way to guard against hackers.Traceback attacks technology is a good positive method of this situation came into being.Existing schemes are far from perfect,such as slowing convergence rate,highly false alarm rate and decreasingly accurate.This article from the perspective of AS(Autonomous System)and the algorithm of routing log records,improve the research of the Traceback attacks for single-packet denial-of-service attacks and DDoS.This research contents are as follows:First,paper analyzes Research Status at Home and Abroad of the Traceback attacks for DoS,and then compare the performance of different tracking schemes.Next,the paper puts forward two improvements to the existing problems of the research project,based on the single packet and distributed denial of service attacks.Second,in this paper a new algorithm based on Autonomous System is presented.It is based on the premise of the research of the deterministic packet marking algorithm and the improved dynamic probabilistic marking algorithm,which defines an inter-domain tracing scheme and an intra-domain tracing scheme by using two different marking scheme.Among them,the inter-domain uses the improved dynamic probabilistic packet marking algorithm,the intra-domain uses the deterministic packet marking algorithm.These methods improve the convergence performance,robustness and accuracy of Tracking attacks program.Third,paper summarizes the IP packet digest storage mechanism in PPIT,which put The standard Bloom Filter storage mechanism improved to double Bloom Filter storage mechanism.It effectively reduces the probability of hash collision in the Insert and search process,and improves the accuracy of tracking.At the same time through the TTL value to achieve the Path verification mechanism,we can further ensure the accuracy of the path reconstruction stage.Last,through the simulation tool of NS2 simulation,paper compares the improved scheme with the existing schemes.The improved scheme for DDoS attack is compared with ASPPM?FAST?HAST and AS_PPM.Meanwhile,the improved scheme for s ingle-packet attack is compared with PPIT and HIT.The end results show that the improved scheme is more convergent than the existing one.It mainly express the lower false alarm rate and the critically tracking.