| Denial of Service (DoS) attack is the most common type of network attack in the Internet. Flood attack is a subclass of DoS attack. The principle of flood attack is that attack Agent (A) sends a large quantity of attack packets to Victim (V) with very high rate, resulting in blocking network bandwidth of V. As a result, V can not provide normal services to legitimate users.In order to resisting network attack such as flood attack, Savage et al found a tracking technology named Probability Packet Marking. The basic concept is that attacking packets must travel through routers from A to V, these routers can mark travelling through packets and insert their IP address into IP field seldom used. V can gather the marked packets and extract address information to reconstruct the attacking path.In this paper, probability packet marking schemes are discussed. After that, we develope a new scheme based on Probability Packet Marking. First, we apply the Berlekamp-Massey (BM) Algorithm to transmit routers' IP address to victim. Second, we make use of Public-Key Cryptography to avoid attackers and routers to forge paths. The previous traceback schemes can only find a candidate path for each attacker that contains the true attack path as a suffix. Our scheme, attacking paths V reconstruct are correct and accurate. |
PDF Full Text Request