Research On Probabilistic Packet Marking Algorithms In IP Traceback

If it is said that the invention of car in the 19^th century is as like as giving wings to human's feet;If it is said that the invention of television in the 20^th century is as like as giving wings to human's eyes;Then, the Internet in 21^st century is as like as giving wings to human's brain. People soar freely in this digital world.But this world isn't at peace. Viruses, leaks, and spy wares emerge in endlessly;worms, Trojans, and net thefts increase year by year. Maintaining Internet security becomes more and more important. Denial of service attack is among the hardest security problems to address because it is easy to launch, difficult to defend and trace.In this paper, the mechanism, methods and development to denial of service attacks are discussed firstly. Then, the defense techniques and their respective trends are studied. A novel technique, that is traceback technique, then becomes our research emphasis. This paper studies systemically several traceback techniques till now, classifies them and analyzes their respective advantages and disadvantages. Through above research, the paper draws a conclusion that probabilistic packet marking techniques are a kind of promising techniques.For comparing the probabilistic packet marking algorithms expediently, this paper induces several evaluation indexes. On the base of systemic analysis six kinds of probabilistic packet marking algorithms, this paper brings a node-edge probabilistic packet marking algorithm, short for NEMS. Because utilizing adequately the IP packet header space, the NEMS algorithm reduces false positive numbers and false negative numbers greatly. The NEMS algorithm's computing complexity is similar to other algorithms, and the biggest advantage is that it needn't know Internet topology in advance when reconstructing attack paths.On the basis of NEMS algorithm, this paper studies further improving approaches from one hash function to several hash functions, and from unalterable probability to alterable probability.As a kind of network security technique, probabilistic packet marking algorithms' self security is also important. This paper analyzes probabilistic packet marking techniques' security, and gives several their limitations.Finally, this paper simulates all given probabilistic packet marking algorithms with famous simulation software, NS2. The simulations' results validate this paper's primary conclusions.