| With the increasing popularity of Internet, every network technology develops quickly. There are many problems on security while network applications such like electronic commerce and banks based on the network make our life pleasing. With all kinds of network security threats, Denial-of-Service (DoS) attack and Distributed Denial-of-Service (DDoS) attack was the hardest security problems in the internet today. Since a vast number of insecure machines exist in the internet, automated attack tools can easily be downloaded and the attackers often use spoofed source address, the defense of this kind of attack and the traceback of attackers is extremely difficult.At present, some of network security technology could prevent part of network attacks, such as intrusion detection system could detect attacks, firewall system could prevent some of attacks, but all of these technologies were not the best way to avoid network attacks because these technologies could not trace attack to their source. These mechanisms could not resolve network security problem nor defend the attackers. It was important to traceback the source of the network attack not only for insulate the attack but also for provide legal proof and deter attack.In this paper, we study the traceback system base on the following aspects: First, in this paper, the mechanism, methods, development trend of the network attacks are discussed. After that, we study the DDoS attacks with its principle, technology, character, tools of attack and so on.Second, in this paper, all kinds of traceback technology was introduce such as ingress filter, input debugging, controlled flooding, ICMP traceback, PPM, logging and so on. We study these traceback scheme and focuses on their advantage and disadvantage.Third, we put forward a new traceback scheme base on present network attack. We discuss this new traceback scheme with its components and workflow. The new traceback scheme was base on logging technology. In order to avoid the disadvantage of the logging technology, in this paper we adopt the data structure of bloom filter to reduce the system demand of logging technology. Finally, the proposed traceback scheme is proved to be effective and feasible by theoretical analysis and experiment. |
PDF Full Text Request