Scheduled System Maintenance:
On May 6th, single article purchases and IEEE account management will be unavailable from 8:00 AM - 12:00 PM ET (12:00 - 16:00 UTC). We apologize for the inconvenience.
By Topic

An Efficient Defense against Distributed Denial-of-Service Attacks using Congestion Path Marking

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Yoohwan Kim ; School of Computer Science. Email: yoohwan@cs.unlv.edu ; Ahmed Abd El Al ; Ju-Yeon Jo ; Mei Yang
more authors

The Distributed Denial-of-Service (DDoS) attack is a serious threat in the Internet, and an effective method is needed for distinguishing the attack traffic from the legitimate traffic. In DDoS attacks, the large volume of attack streams cause self-induced congestion or higher utilization of the links. Based on this observation, we propose the Congestion Path Marking (CPM) scheme to identify and drop the attack packets. In this proposed scheme, we store the link utilization information in the packet header so that suspicious attack packets can be distinguished. Each router along the path records its local congestion information, and this information is accumulated to represent the overall congestion level that a packet has experienced. To enable light-weight real-time processing, we employ a RED-like random packet dropping mechanism at the victim's egress router. Through simulations, we show that when the CPM scheme is employed, most of the attack packets in excess of the link capacity are dropped while less than 4% of the legitimate packets are dropped in typical scenarios. The simulation result also shows significantly improved TCP performance when CPM is utilized.

Published in:

Communications, 2006. ICC '06. IEEE International Conference on  (Volume:5 )

Date of Conference:

June 2006