American Journal of Applied Sciences

A Novel Packet Marketing Method in DDoS Attack Detection

Changhyun Beak, Junaid Ahsenali Chaudhry, Keonsoo Lee, Seungkyu Park and Minkoo Kim

DOI : 10.3844/ajassp.2007.741.745

American Journal of Applied Sciences

Volume 4, Issue 10

Pages 741-745

Abstract

Functionality and availability are one of the main characteristics of internet and hence very inviting for attackers to try to provoke a denial-of-service attack. As the intensity and frequency of DDoS attacks has increased, various preventive mechanisms have also been proposed. One of the most effective defence mechanisms proposed was Path Identification (Pi). This method tracks the packet transmission path. With this packets carrying path information, the victim node can defend itself from DDoS attack by filtering the packets transmitting via/from an attacking node. The Pi method has advantages such as trivial operation, filtering on a per-packet and independency on router for blocking over the other trace back methods etc. As the Pi method uses the router's IP address to construct the path information of each packet, which was stored in each packet's ID field. However, because of the limitation of the ID field, only two bits of resulted message digest of router's IP address are used, which results in same path information representing different paths. To ad-dress this problem, we propose using Link-ID's instead of IP addresses or routers to construct the path information of each packet. A Link-ID was the in-formation of path between Border Gateway Protocol (BGP) routers in the Autonomic Systems (AS) and each BGP router's connection to the outside of the AS. Further analysis shows promising results if compared with contemporary filtering methods.

Copyright

© 2007 Changhyun Beak, Junaid Ahsenali Chaudhry, Keonsoo Lee, Seungkyu Park and Minkoo Kim. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.