Reflective probabilistic packet marking scheme for IP traceback (Japanese)

In: Transactions of the Information Processing Society of Japan   ;  44 ,  8  ;  1848-1860  ;  2003
  • ISSN:
  • Article (Journal)  /  Print

How to get this document?

This paper describes the design and implementation of reflective probabilistic packet marking (RPPM) scheme, which is a traceback scheme against distributed denial-of-service (DDoS) attacks. Attacks include traffic laundered by reflectors which are sent false requests by attackers posing as a victim. Reflectors are among the hardest security problems on today's Internet. One promising solution to tracing the origin of attacks, the probabilistic packet marking (PPM) scheme, has proposed. However, conventional PPM cannot work against reflector attacks - reflector problem. Also, it encodes a mark into IP identification field, this disables the use of ICMP$encoding problem. RPPM is a solution to both the reflector and encoding problem. We have extended PPM to render reflectors ineffectual by reflecting marking statistics of incoming packets at reflectors in order to trace the origin of the attacks. Furthermore, we have encoded a mark into the IP option field without reducing necessary information. Thus, RPPM can traceback beyond reflectors, ensures ICMP-compatibility, and eliminates possibility of failure in attack path reconstruction. Simulation results and our implementation based on Linux demonstrated that RPPM retains the semantics of conventional PPM on a path between an attacker and a reflector, and its performance is feasible for practice.

Table of contents – Volume 44, Issue 8

Show all volumes and issues

The tables of contents are generated automatically and are based on the data records of the individual contributions available in the index of the TIB portal. The display of the Tables of Contents may therefore be incomplete.

1848
Reflective probabilistic packet marking scheme for IP traceback
Nishio, N. / Harashima, N. / Tokuda, H. | 2003
1884
Construction of a steganography with handwriting information
Segawa, N. / Murayama, Y. / Miyazaki, M. / Nemoto, Y. | 2003
1970
A bounty hunting-based copyright protection system for Website content
Matsushita, T. / Nishigaki, T. / Soga, M. / Takubo, A. / Nakamura, I. | 2003
2060
T/TCP for DNS: a performance and security analysis
Rikitake, K. / Nakao, K. / Nogawa, H. / Shimojo, S. | 2003
2072
A method of tamper-proof using digital signature and patrol, and its application to the WWW
Inomata, T. / Itagaki, S. / Soga, M. / Nishigaki, M. | 2003
2170
A random number generation using prediction error of round trip time on IP network
Shiraishi, Y. / Kohfuji, T. / Morii, M. | 2003
2178
Analyzing the quality of legacy software based on code clone
Monden, A. / Sato, S. / Kamiya, T. / Matsumoto, K. | 2003
2244
Fast level set method and realtime tracking of moving objects in a sequence of images
Kurazume, R. / Yui, S. / Tsuji, T. / Iwashita, Y. / Hara, K. / Hasegawa, T. | 2003