
IPv6 Traceback With Deterministic Packet Marking

Posted on: 2009-05-31
Degree: Master
Type: Thesis
Country: China
Candidate: M Wang
GTID: 2178360245965360
Subject: Computer application technology

Abstract/Summary:
With the growth and widespread use of the Internet, network technology is changing quickly. Internet applications such as e-business and e-banking provide convenient services but also bring more and more security issues. Network intrusions in particular cause increasing impact and loss. Research on network information security technology is therefore urgent.

In recent years, Denial of Service attacks, especially Distributed Denial of Service attacks, have had a strong impact on the Internet. They cause serious damage and are still rising at a rate of 50% annually. At the same time, (D)DoS attacks are hard to prevent, because they exploit a fundamental weakness in the TCP/IP protocol: an attacker can transmit datagrams with spoofed IP source addresses. As a result, the victim cannot find the zombie or the real attacker even after receiving the attack packets, and so cannot mitigate or stop the attack. The problem of how to identify the source of packets, called IP traceback, has therefore received wide attention.

At present, research mainly focuses on attack-path traceback algorithms for IPv4. Many different techniques have been proposed, such as Link Testing, Logging, ICMP trace, Packet Marking and Overlay Network. All of these schemes have merits and demerits. Implementing these techniques in IPv6 networks requires modifications because of the technological differences.

IPv6 is short for "Internet Protocol, Version 6". IPv6 not only expands the IPv4 address space in its design, but also reconsiders and improves many other aspects, such as the IP header format, IP address allocation, routing protocols, domain name resolution, auto-configuration and security. But IPv6 networks are still in an experimental phase, and DDoS attacks on these networks are quite probable.

Deterministic packet marking (DPM) uses information marked into packets by the edge router to identify the source of an attack. The approach is capable of tracing back attacks that are composed of just a few packets. In addition, a service provider can implement this scheme without revealing its internal network topology. In IPv4, the marking information is added in the ID field of the IPv4 header, but IPv6 has no ID field in its header, so the existing packet marking schemes cannot work in IPv6.

In this paper, the DPM scheme is improved to adapt it to the IPv6 network environment. It avoids some shortcomings of the IPv4 scheme, and at the same time only one packet is sufficient to identify the source of the attack. We then developed an adaptive marking scheme based on a small packet threshold, which marks packets dynamically and noticeably reduces the computation time of the edge router.
Keywords/Search Tags: IPv6, deterministic packet marking, IP traceback, DDoS