| With the development of network technology and application, network security becomes more and more important. Denial of service attack is among the hardest security problems to address because it is easy to launch, difficult to defend and trace. So, doing research on DoS attack and its countermeasures is not only challenging but also very important. And IP Traceback is the key thesis in the research.In this paper, the mechanism, methods of and countermeasures to denial of services attacks are discussed. After that, several IP Traceback schemes, especially the Packet Marking scheme are reviewed and some improvements to the current packet marking schemes are given, which improve the astringency and false positive rate in the attacking tree reconstruction.Based on the research on HMAC (Keyed-Hashing for Message Authentication) with Key Collection Exposure, the marking information is authenticated by using HMAC to achieve high security and robustness. The reconstruction algorithm can also achieve great astringency and high efficiency by adopting a new dynamic probability marking value sequence in the marking algorithm. And a reflection marking algorithm is improved to trace the real attackers beyond the reflector server in DRDoS attacks.Compared with the results of other schemes, it shows comparatively lower false positive rate and higher astringency. |
PDF Full Text Request