| With the development of network technology and application, network security becomes increasingly more important. Denial of service attack is among the hardest security problems to solve because it is easy to launch, difficult to defend and trace. Now, the Internet Protocol that we are using has a lot of problems such as address exhaustion, poor security and so on. Therefore, it will be replaced by the next generation IP protocol. IPv6 is the next edition of Internet Protocol, and it has improved on many respects. But DDoS attack will not be lost, and it must threaten the network of IPv6.Finding the real sources of IP packets has very important significance to defense of DDoS attack. In the network of IPv4, there are a couple of IP traceback schemes to use to reconstructing the attack path of DDoS attack. At present, IP traceback can be divided into two classifications, one is active IP traceback technology, the other is passive IP traceback technology, and the active IP traceback technology includes IP logging, ICMP Traceback, packet marking scheme and so on, but none of these schemes is effective. In IPv6, the header of IPv6 packets have already changed very greatly, so we must make some improvement if we want to apply existing IP trackback scheme to the network environment of IPv6.Packet marking schemes utilize the marking that is marked by the router on the way of packets reconstructing the attack paths. In IPv4, the marking information is added in the ID field of the IPv4 header, but the IPv6 has not the ID field in its header, so the existing Packet marking schemes cannot work... |
PDF Full Text Request