Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network

Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network

Although possible security threats were taken into consideration when IPv6 was formulated, attacks, especially distributed denial-of-service (DDoS), still exist in IPv6 network. This makes IP trace back schemes very relevant to the security of IPv6 network. As many current IP trace back schemes are...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: You-ye Sun, Cui Zhang, Shao-qing Meng, Kai-ning Lu
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer crime
Convergence
convergence time
DDoS
Destination Options Header
DPM
Encoding
false positive rate
IP networks
IPv6
Probabilistic logic
Routing
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 248
container_issue
container_start_page 245
container_title
container_volume
creator You-ye Sun
Cui Zhang
Shao-qing Meng
Kai-ning Lu
description Although possible security threats were taken into consideration when IPv6 was formulated, attacks, especially distributed denial-of-service (DDoS), still exist in IPv6 network. This makes IP trace back schemes very relevant to the security of IPv6 network. As many current IP trace back schemes are designed according to IPv4, they can not be directly used in IPv6 network. A modified Deterministic Packet Marking (DPM) for DDoS attack trace back in IPv6 network is presented in this work. This method is able to trace a huge number of simultaneous DDoS attackers. As the trace back process can be performed post-mortem, it can also trace the attacks that have not been noticed at first. Besides, it only takes a small amount of marked packets to complete the trace back process. It is also simple to implement and consumes practically no additional processing overhead on the network equipments. Although the initial motivation of modified DPM is to trace DDoS attack, it can also be used to filter anomaly traffic in IPv6 network.
doi_str_mv 10.1109/CIT.2011.59
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_6036763</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6036763</ieee_id><sourcerecordid>6036763</sourcerecordid><originalsourceid>FETCH-LOGICAL-i90t-406092ba91899c028d5c303bc5b477dde865d43db5b67be8c9581c73ec8595603</originalsourceid><addsrcrecordid>eNotjMFKAzEURSMiqHVWLt3kB1pfJpPkZVmmWgdaW3D2ZZK8SqydkUxQ_HsrejfnwIHL2K2AmRBg7-umnZUgxEzZM1ZYg2C0VZVExHN2LSplDEiU4pIV4_gGp2mNqPGKbdZDiPtIgS8oUzrGPo45er7t_IEyX3fpEPtXvh8SXyyGFz7P-VR4mzpP7tdiz5vtp-bPlL-GdLhhF_vufaTinxPWPj609dN0tVk29Xw1jRbytAINtnSdFWithxKD8hKk88pVxoRAqFWoZHDKaeMIvVUovJHkUVmlQU7Y3d9tJKLdR4rHLn3vTkEbLeUPfTBMvg</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>You-ye Sun ; Cui Zhang ; Shao-qing Meng ; Kai-ning Lu</creator><creatorcontrib>You-ye Sun ; Cui Zhang ; Shao-qing Meng ; Kai-ning Lu</creatorcontrib><description>Although possible security threats were taken into consideration when IPv6 was formulated, attacks, especially distributed denial-of-service (DDoS), still exist in IPv6 network. This makes IP trace back schemes very relevant to the security of IPv6 network. As many current IP trace back schemes are designed according to IPv4, they can not be directly used in IPv6 network. A modified Deterministic Packet Marking (DPM) for DDoS attack trace back in IPv6 network is presented in this work. This method is able to trace a huge number of simultaneous DDoS attackers. As the trace back process can be performed post-mortem, it can also trace the attacks that have not been noticed at first. Besides, it only takes a small amount of marked packets to complete the trace back process. It is also simple to implement and consumes practically no additional processing overhead on the network equipments. Although the initial motivation of modified DPM is to trace DDoS attack, it can also be used to filter anomaly traffic in IPv6 network.</description><identifier>ISBN: 1457703831</identifier><identifier>ISBN: 9781457703836</identifier><identifier>EISBN: 9780769543888</identifier><identifier>EISBN: 076954388X</identifier><identifier>DOI: 10.1109/CIT.2011.59</identifier><language>eng</language><publisher>IEEE</publisher><subject>Computer crime ; Convergence ; convergence time ; DDoS ; Destination Options Header ; DPM ; Encoding ; false positive rate ; IP networks ; IPv6 ; Probabilistic logic ; Routing</subject><ispartof>2011 IEEE 11th International Conference on Computer and Information Technology, 2011, p.245-248</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6036763$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6036763$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>You-ye Sun</creatorcontrib><creatorcontrib>Cui Zhang</creatorcontrib><creatorcontrib>Shao-qing Meng</creatorcontrib><creatorcontrib>Kai-ning Lu</creatorcontrib><title>Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network</title><title>2011 IEEE 11th International Conference on Computer and Information Technology</title><addtitle>cit</addtitle><description>Although possible security threats were taken into consideration when IPv6 was formulated, attacks, especially distributed denial-of-service (DDoS), still exist in IPv6 network. This makes IP trace back schemes very relevant to the security of IPv6 network. As many current IP trace back schemes are designed according to IPv4, they can not be directly used in IPv6 network. A modified Deterministic Packet Marking (DPM) for DDoS attack trace back in IPv6 network is presented in this work. This method is able to trace a huge number of simultaneous DDoS attackers. As the trace back process can be performed post-mortem, it can also trace the attacks that have not been noticed at first. Besides, it only takes a small amount of marked packets to complete the trace back process. It is also simple to implement and consumes practically no additional processing overhead on the network equipments. Although the initial motivation of modified DPM is to trace DDoS attack, it can also be used to filter anomaly traffic in IPv6 network.</description><subject>Computer crime</subject><subject>Convergence</subject><subject>convergence time</subject><subject>DDoS</subject><subject>Destination Options Header</subject><subject>DPM</subject><subject>Encoding</subject><subject>false positive rate</subject><subject>IP networks</subject><subject>IPv6</subject><subject>Probabilistic logic</subject><subject>Routing</subject><isbn>1457703831</isbn><isbn>9781457703836</isbn><isbn>9780769543888</isbn><isbn>076954388X</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2011</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotjMFKAzEURSMiqHVWLt3kB1pfJpPkZVmmWgdaW3D2ZZK8SqydkUxQ_HsrejfnwIHL2K2AmRBg7-umnZUgxEzZM1ZYg2C0VZVExHN2LSplDEiU4pIV4_gGp2mNqPGKbdZDiPtIgS8oUzrGPo45er7t_IEyX3fpEPtXvh8SXyyGFz7P-VR4mzpP7tdiz5vtp-bPlL-GdLhhF_vufaTinxPWPj609dN0tVk29Xw1jRbytAINtnSdFWithxKD8hKk88pVxoRAqFWoZHDKaeMIvVUovJHkUVmlQU7Y3d9tJKLdR4rHLn3vTkEbLeUPfTBMvg</recordid><startdate>201108</startdate><enddate>201108</enddate><creator>You-ye Sun</creator><creator>Cui Zhang</creator><creator>Shao-qing Meng</creator><creator>Kai-ning Lu</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201108</creationdate><title>Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network</title><author>You-ye Sun ; Cui Zhang ; Shao-qing Meng ; Kai-ning Lu</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i90t-406092ba91899c028d5c303bc5b477dde865d43db5b67be8c9581c73ec8595603</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2011</creationdate><topic>Computer crime</topic><topic>Convergence</topic><topic>convergence time</topic><topic>DDoS</topic><topic>Destination Options Header</topic><topic>DPM</topic><topic>Encoding</topic><topic>false positive rate</topic><topic>IP networks</topic><topic>IPv6</topic><topic>Probabilistic logic</topic><topic>Routing</topic><toplevel>online_resources</toplevel><creatorcontrib>You-ye Sun</creatorcontrib><creatorcontrib>Cui Zhang</creatorcontrib><creatorcontrib>Shao-qing Meng</creatorcontrib><creatorcontrib>Kai-ning Lu</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>You-ye Sun</au><au>Cui Zhang</au><au>Shao-qing Meng</au><au>Kai-ning Lu</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network</atitle><btitle>2011 IEEE 11th International Conference on Computer and Information Technology</btitle><stitle>cit</stitle><date>2011-08</date><risdate>2011</risdate><spage>245</spage><epage>248</epage><pages>245-248</pages><isbn>1457703831</isbn><isbn>9781457703836</isbn><eisbn>9780769543888</eisbn><eisbn>076954388X</eisbn><abstract>Although possible security threats were taken into consideration when IPv6 was formulated, attacks, especially distributed denial-of-service (DDoS), still exist in IPv6 network. This makes IP trace back schemes very relevant to the security of IPv6 network. As many current IP trace back schemes are designed according to IPv4, they can not be directly used in IPv6 network. A modified Deterministic Packet Marking (DPM) for DDoS attack trace back in IPv6 network is presented in this work. This method is able to trace a huge number of simultaneous DDoS attackers. As the trace back process can be performed post-mortem, it can also trace the attacks that have not been noticed at first. Besides, it only takes a small amount of marked packets to complete the trace back process. It is also simple to implement and consumes practically no additional processing overhead on the network equipments. Although the initial motivation of modified DPM is to trace DDoS attack, it can also be used to filter anomaly traffic in IPv6 network.</abstract><pub>IEEE</pub><doi>10.1109/CIT.2011.59</doi><tpages>4</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 1457703831
ispartof 2011 IEEE 11th International Conference on Computer and Information Technology, 2011, p.245-248
issn
language eng
recordid cdi_ieee_primary_6036763
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Computer crime
Convergence
convergence time
DDoS
Destination Options Header
DPM
Encoding
false positive rate
IP networks
IPv6
Probabilistic logic
Routing
title Modified Deterministic Packet Marking for DDoS Attack Traceback in IPv6 Network
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-21T15%3A00%3A09IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Modified%20Deterministic%20Packet%20Marking%20for%20DDoS%20Attack%20Traceback%20in%20IPv6%20Network&rft.btitle=2011%20IEEE%2011th%20International%20Conference%20on%20Computer%20and%20Information%20Technology&rft.au=You-ye%20Sun&rft.date=2011-08&rft.spage=245&rft.epage=248&rft.pages=245-248&rft.isbn=1457703831&rft.isbn_list=9781457703836&rft_id=info:doi/10.1109/CIT.2011.59&rft_dat=%3Cieee_6IE%3E6036763%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=9780769543888&rft.eisbn_list=076954388X&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6036763&rfr_iscdi=true