Research on packet marking algorithm resisted spoofed TTL value

doi:10.3778/j.issn.1002-8331.2008.23.039

Computer Engineering and Applications ›› 2008, Vol. 44 ›› Issue (23): 127-129.DOI: 10.3778/j.issn.1002-8331.2008.23.039

• 网络、通信、安全 • Previous Articles Next Articles

Research on packet marking algorithm resisted spoofed TTL value

LIU Yuan^1,2,LI Xiu-zhen²,ZHU Xiao-jian²

1.School of Computer，Nanjing University of Science & Technology，Nanjing 210094，China
2.College of Information Engineering of Southern Yangtze University，Wuxi，Jiangsu 214122，China

Received:2007-10-17 Revised:2008-01-11 Online:2008-08-11 Published:2008-08-11
Contact: LIU Yuan

防TTL值欺骗的数据包标记算法研究

刘渊^1,2,李秀珍²,朱晓键²

1.南京理工大学计算机学院，南京 210094
2.江南大学信息工程学院，江苏无锡 214122

通讯作者: 刘渊

Abstract

Abstract: Distributed Denial of Service（DDoS） attack is among the hardest network problems.To reply it，many kinds of schemes of countermeasures are proposed，these schemes all respectively have the good and bad points.But among these，an Adaptive Probabilistic Packet Making（APPM） is promising and using.In this paper，based on the snooped initial TTL value by the attacker，an adaptive marking scheme is improved，which is advantageous to resist spoofed TTL value，to reduce the router burden and save the IP packet’s space.

Key words: Distributed Denial of Service（DDoS）, packet marking, Adaptive Probabilistic Packet Making（APPM）, IP traceback

摘要： 分布式拒绝服务攻击是目前最难处理的网络难题之一，针对分布式拒绝服务攻击提出了多种应对方案，这些方案都各有优缺点，但其中自适应概率包标记受到了广泛地重视和运用。针对攻击者对TTL初始值的伪造提出了一种自适应策略，有利于防止TTL值的伪造，减少路由器处理器的负担，节省了IP包头的空间。

关键词: 分布式拒绝服务, 包标记, 自适应概率包标记, IP回溯

LIU Yuan^1,2,LI Xiu-zhen²,ZHU Xiao-jian². Research on packet marking algorithm resisted spoofed TTL value[J]. Computer Engineering and Applications, 2008, 44(23): 127-129.

刘渊^1,2,李秀珍²,朱晓键². 防TTL值欺骗的数据包标记算法研究[J]. 计算机工程与应用, 2008, 44(23): 127-129.

[1]	WANG Wentao, LI Shumei, TANG Jie, LYU Weilong. DDoS Attack Detection Method Based on Probability Graph Model and DNN [J]. Computer Engineering and Applications, 2021, 57(13): 108-115.
[2]	LIU Junjie, WANG Jun, WANG Menglin, WANG Yue. DDoS Attack Detection Based on C4.5 in SDN [J]. Computer Engineering and Applications, 2019, 55(20): 84-88.
[3]	FENG Bo1, GUO Fan2, TAN Suwen3. Attack source traceback scheme based on probabilistic packet marking for IPv6 network [J]. Computer Engineering and Applications, 2016, 52(6): 102-106.
[4]	SUN Jian, LIU Yuan, ZHAO Xinjie. Detection of application layer DDoS attacks based on clustering [J]. Computer Engineering and Applications, 2016, 52(21): 116-120.
[5]	HUANG Lujuan1，3, JIN Guang1，3, HE Jiaming2，3, JIANG Xianliang1. DDoS defense with jointed deployment of IP traceback and path identification [J]. Computer Engineering and Applications, 2014, 50(5): 74-78.
[6]	REN Yilong1, LIU Yuan1，2. Detecting method for DDoS attack based on wavelet analysis [J]. Computer Engineering and Applications, 2012, 48(31): 82-88.
[7]	FEI Hongxiao，LI Wenxing，QIN Siming，LI Qinxiu. Combined dynamic and static probabilistic packet marking scheme for IP traceback [J]. Computer Engineering and Applications, 2011, 47(9): 103-105.
[8]	DENG Yigui1，2，ZHANG Hailong1，TANG Xuewen1，2. Mixed packet marking encoding scheme based on cross-AS [J]. Computer Engineering and Applications, 2011, 47(8): 70-71.
[9]	ZHAI Guangqun，GAO Kainan. Research on detection system of DDoS attacks against DNS server [J]. Computer Engineering and Applications, 2011, 47(33): 94-97.
[10]	ZHANG Min，ZHAO Hongjie，XIONG Anping. New scheme for IP trace back [J]. Computer Engineering and Applications, 2011, 47(30): 83-85.
[11]	ZHANG Mei¹，REN Ping-an²，MA Jian-feng². Improved scheme of un-overwriting PPM for IP traceback [J]. Computer Engineering and Applications, 2010, 46(29): 117-119.
[12]	LV Jun-jie¹，LIU Li². New fragment marking algorithm for IP traceback [J]. Computer Engineering and Applications, 2010, 46(13): 4-7.
[13]	LIU Qiang¹，YIN Jian-ping¹，CHENG Jie-ren ^1，2，CAI Zhi-ping¹. Novel approach of DDoS forewarning [J]. Computer Engineering and Applications, 2009, 45(21): 132-135.
[14]	TAO Li-min. Integrated model for defending against DDoS attacks based on mobile Agent [J]. Computer Engineering and Applications, 2008, 44(4): 147-150.
[15]	WANG Xiu-li. Defense mechanism against DDoS attacks aiming at Web service based on traffic monitor [J]. Computer Engineering and Applications, 2008, 44(36): 115-118.

Research on packet marking algorithm resisted spoofed TTL value

防TTL值欺骗的数据包标记算法研究

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics