PT: A Path Tracing and Filtering Mechanism to Defend against DDoS Attacks

Saurabh, Samant; Sairam, Ashok Singh

doi:10.1007/978-3-642-22786-8_42

PT: A Path Tracing and Filtering Mechanism to Defend against DDoS Attacks

Samant Saurabh³ &
Ashok Singh Sairam³

Conference paper

2061 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 157))

Abstract

Distributed Denial of Service Attack continues to plague the world. Defense against the DDoS attacks gets complicated due to IP spoofing. We propose a new packet marking technique PT (called Path Tracer) which imprints the fingerprint of the path taken by attack traffic in each packet, thereby enabling the victim to identify the attack traffic on per packet basis even in presence of IP Spoofing. Our Packet Marking Technique has many unique features. It helps the victim to proactively filter out the attack packets based on the unique path mark. A single packet contains information about complete attack path. The marking algorithm is very simple. Our approach does not create overhead in the packet and it does not require any extra storage. Analysis of our scheme proves the effectiveness of PT in filtering out DDoS traffic while allowing the legitimate traffic to be processed normally.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical Network Support for IP Traceback. In: Proceedings of the 2000 ACM SIGCOMM Conference (August 2000)
Google Scholar
Snoeren, A.C., Partridge, C., Sanchez, L.A., Jones, C.E., Tchakountio, F., Schwartz, B., Kent, S.T., Strayer, W.T.: Single-packet IP traceback. IEEE/ACM Transactions on Networking (ToN) 10(6) (December 2002)
Google Scholar
Abraham, Y., Adrian, P., Dawn, S.: Pi: A Path Identification Mechanism to Defend Against DDoS Attacks. In: IEEE Symposium on Security and Privacy (May 2003)
Google Scholar
Ansari, N., Belenky, A.: IP Traceback with Deterministic Packet Marking. IEEE Communication letters (April 2003)
Google Scholar
Perrig, A., Yaar, A., Song, A.: StackPi: A New Defense Mechanism against IP Spoofing and DDoS Attacks, Technical Report, Carnegie Mellon University USA (2003)
Google Scholar
Snoeren, A.C., Partridge, C.L., Sanchez, A., Jones, C.E., Tchakountio, F.S., Kent, T., Strayer, W.T.: Hash-based IP traceback. In: ACM SIGCOMM (August 2001)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, IIT Patna, Patliputra Colony, Patna, India
Samant Saurabh & Ashok Singh Sairam

Authors

Samant Saurabh
View author publications
You can also search for this author in PubMed Google Scholar
Ashok Singh Sairam
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

College of Engineering, University Visvesvaraya, Bangalore, India
K. R. Venugopal
Defence Institute of Advanced Technology, Pune, India
L. M. Patnaik

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Saurabh, S., Sairam, A.S. (2011). PT: A Path Tracing and Filtering Mechanism to Defend against DDoS Attacks. In: Venugopal, K.R., Patnaik, L.M. (eds) Computer Networks and Intelligent Computing. ICIP 2011. Communications in Computer and Information Science, vol 157. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22786-8_42

Download citation

DOI: https://doi.org/10.1007/978-3-642-22786-8_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22785-1
Online ISBN: 978-3-642-22786-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics