| With the development of network technology and application, more and more hacker's tools and network attack measures are appearing. At the same time ,network security becomes increasingly important. Denial of service attack is among the hardest security problems to address ,because it is easy to launch, but difficult to defend and trace, which makes it brings great danger to network society. So, doing research on DoS attack and its countermeasures are not only challenging but also very important.This paper first introduces DoS's definition, thought, trend of development and course of DDoS's attack. Then, it presents the classification of DoS attack and its countermeasures. And several schemes for traceback are reviewed and compared. Mean while,the ICMP traceback scheme is discussed in detail and various potential problems of that are analyzed.In this paper, in existing iTrace schemes, routers'IP address are embedded into iTrace messages, which results in too many packets needed and calculating complexity great to reconstruct the path. The router numbering schemes are given , which takes fewer packets to reconstruct the attack path, and it reconstructs the main attack path in shorter time. Thus the victim could respond to attack more promptly and reduce attack damage.In contrast to existing intention-driven iTrace scheme, iTrace scheme based on traffic classification is proposed in this paper. It classifies incoming traffic into intention traffic and regular traffic based on the value of intention-bit,then performs iTrace scheme with different probability respectively. It not only obtain performance with equal original method but also remove the potential safety hazard existing in the original scheme. |
PDF Full Text Request