By Topic

A new marking scheme to defend against distributed denial of service attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Gao, Z. ; Dept. of Electr. & Comput. Eng., New Jersey Inst. of Technol., Newark, NJ, USA ; Ansari, N. ; Karunakar Anantharam

In this paper, we propose a new mechanism to defend against distributed denial of service (DDoS) attacks with path information rather than IP address information. Instead of the complete binary tree model, our proposal is based on the four color theorem. The salient feature of the theorem is that it allows color reuse so that even if some portions of the map have more than 4 neighbors, 4 colors are still sufficient to mark all their borders. This idea of reuse is very important because some routers have many interfaces and the length of the ID field in the header of an IP packet, where the marking information is embedded, is very limited. Furthermore, our marking scheme takes the Internet hierarchy into account, and greatly relaxes the limitation on the number of interfaces of routers, thus making the scheme more practical. Simulation results have validated our design.

Published in:

Global Telecommunications Conference, 2004. GLOBECOM '04. IEEE  (Volume:4 )

Date of Conference:

29 Nov.-3 Dec. 2004