L. Cheng, D. M. Divakaran, W. Y. Lim and V. L. L. Thing, "Opportunistic Piggyback Marking for IP Traceback," in IEEE Transactions on Information Forensics and Security, vol. 11, no. 2, pp. 273-288, Feb. 2016. doi: 10.1109/TIFS.2015.2491299
Abstract:
IP traceback is a solution for attributing cyber attacks, and it is also useful for accounting user traffic and
network diagnosis. Marking-based traceback (MBT) has been considered a promising traceback approach, and has received considerable attention. However, we find that the traceback message delivery problem in MBT, which is important to the successful completion of a traceback, has not been adequately studied in the literature. To address this issue, we present the design, analysis, and evaluation of opportunistic piggyback
marking (OPM) for IP traceback in this paper. The OPM distinguishes itself from the existing works by decoupling the traceback message content encoding and delivery functions in MBT, and efficiently achieves expedited and robust traceback message delivery by exploiting piggyback marking opportunities. Based on
the proposed OPM scheme, we then present the flexible marking-based traceback framework, which is a novel design paradigm for IP traceback and has several favorable features for practical deployment of IP traceback. Through the numerical analysis and the comprehensive simulation evaluations, we demonstrate that our design effectively reduces the traceback completion delay and router processing overhead, and increases the message delivery ratio compared with other baseline approaches.
License type:
PublisherCopyrights
Funding Info:
Description:
(c) 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.