By Topic

Effectiveness of advanced and authenticated packet marking scheme for traceback of denial of service attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
B. Rizvi ; Dept. of Electr. & Comput. Eng. & Comput. Sci., Cincinnati Univ., OH, USA ; E. Fernandez-Gaucherand

Advanced and authenticated packet marking (AAPM) [Song, D.X. et al., (2001)] scheme is one of the proposed packet marking schemes for the traceback of denial of service (DoS) attacks. AAPM uses hash functions to reduce the storage space requirement for encoding of router information in the IP header. In this paper we take the perspective of the attacker and analyze the effects of inserting fake edges against AAPM. Since the AAPM scheme is subject to spoofing of the marking field, by inserting fake edges (corrupting the marking field) in the packets the attacker can impede traceback. In this paper, we show that the attacker can increase this distance by inserting fake edges in packets. Therefore, the attacker can make it appear to the victim that the attack was launched from a node farther away than it actually was, thus maintaining his own anonymity.

Published in:

Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on  (Volume:2 )

Date of Conference:

5-7 April 2004