| With the rapid growth of Internet, Internet has become an essential part in people's daily life. But Internet-based attacks, often use spoofed source IP address to hide their true source, and this makes it is impossible to use the source IP address for establishing effective defensive measures. IP traceback technology can trace attackers to their true source address and this makes it become an important part for active network defensive systems. The network security mechanisms in use today such as firewall and IDS can only defense DDoS passively. They are not effective. But IP traceback technology is acknowledged as a promising method to resolve the detection of DDoS drastically. Especially, Distributed Denial Of Service (DDoS) attack has became a leading threaten to Internet recently.In this dissertation, firstly, the promising IP traceback technologies are discussed deeply, then their advantages and disadvantages are pointed out. Secondly, the principle of the DDoS attack is analyzed, and the important role which the traceback technique plays in DDoS attack defense is pointed out. Lastly, a promising IP traceback technique, deterministic packet marking (DPM), are studied and enhanced from practical and feasible perspective; and a DDoS defensive system based the enhanced DPM (PN-DPM) is improved. A DDoS defensive system based PN-DPM is designed. It not only can filter the most portion of attack traffic and enhance the throughout of whole network, but also can track back to the attack source, and prosecute the attacker. |
PDF Full Text Request