A dynamic path identification mechanism to defend against DDoS attacks

GangShin Lee, Heeran Lim, Manpyo Hong, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

Many Researchers have tried to design mechanisms to resist Distributed Denial of Service(DDoS) attacks. Unfortunately, any of them has not been satisfactory. Recently, Yaar et al. suggested Pi (short for Path Identifier) marking scheme as one of solutions to thwart DDoS attacks, which is fast and effective in dropping the false positive and negative packets from users and attackers. They make use of the IP Identification field of which length is 16 bits as marking section. Every router en-route to the victim marks 1-bit or 2-bits by wrapping method sequentially. The victim drops the false positive and negative packets according to the attack markings list. The performance of Pi is measured for marking bit size of 1 or 2 bits. This paper suggests the method to decide the marking bit size dynamically in accordance with the number of hop counts. The performance is quite improved, compared with the existing one.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science
EditorsC. Kim
Pages806-813
Number of pages8
Volume3391
Publication statusPublished - 2005
EventInternational Conference on Information Networking, ICOIN 2005 - Jeju Island, Korea, Republic of
Duration: 2005 Jan 312005 Feb 2

Other

OtherInternational Conference on Information Networking, ICOIN 2005
CountryKorea, Republic of
CityJeju Island
Period05/1/3105/2/2

Fingerprint

Routers
Denial-of-service attack

ASJC Scopus subject areas

  • Computer Science (miscellaneous)

Cite this

Lee, G., Lim, H., Hong, M., & Lee, D. H. (2005). A dynamic path identification mechanism to defend against DDoS attacks. In C. Kim (Ed.), Lecture Notes in Computer Science (Vol. 3391, pp. 806-813)

A dynamic path identification mechanism to defend against DDoS attacks. / Lee, GangShin; Lim, Heeran; Hong, Manpyo; Lee, Dong Hoon.

Lecture Notes in Computer Science. ed. / C. Kim. Vol. 3391 2005. p. 806-813.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lee, G, Lim, H, Hong, M & Lee, DH 2005, A dynamic path identification mechanism to defend against DDoS attacks. in C Kim (ed.), Lecture Notes in Computer Science. vol. 3391, pp. 806-813, International Conference on Information Networking, ICOIN 2005, Jeju Island, Korea, Republic of, 05/1/31.
Lee G, Lim H, Hong M, Lee DH. A dynamic path identification mechanism to defend against DDoS attacks. In Kim C, editor, Lecture Notes in Computer Science. Vol. 3391. 2005. p. 806-813
Lee, GangShin ; Lim, Heeran ; Hong, Manpyo ; Lee, Dong Hoon. / A dynamic path identification mechanism to defend against DDoS attacks. Lecture Notes in Computer Science. editor / C. Kim. Vol. 3391 2005. pp. 806-813
@inproceedings{ba8bdd0c7b994604af858372b7cfe6c4,
title = "A dynamic path identification mechanism to defend against DDoS attacks",
abstract = "Many Researchers have tried to design mechanisms to resist Distributed Denial of Service(DDoS) attacks. Unfortunately, any of them has not been satisfactory. Recently, Yaar et al. suggested Pi (short for Path Identifier) marking scheme as one of solutions to thwart DDoS attacks, which is fast and effective in dropping the false positive and negative packets from users and attackers. They make use of the IP Identification field of which length is 16 bits as marking section. Every router en-route to the victim marks 1-bit or 2-bits by wrapping method sequentially. The victim drops the false positive and negative packets according to the attack markings list. The performance of Pi is measured for marking bit size of 1 or 2 bits. This paper suggests the method to decide the marking bit size dynamically in accordance with the number of hop counts. The performance is quite improved, compared with the existing one.",
author = "GangShin Lee and Heeran Lim and Manpyo Hong and Lee, {Dong Hoon}",
year = "2005",
language = "English",
volume = "3391",
pages = "806--813",
editor = "C. Kim",
booktitle = "Lecture Notes in Computer Science",

}

TY - GEN

T1 - A dynamic path identification mechanism to defend against DDoS attacks

AU - Lee, GangShin

AU - Lim, Heeran

AU - Hong, Manpyo

AU - Lee, Dong Hoon

PY - 2005

Y1 - 2005

N2 - Many Researchers have tried to design mechanisms to resist Distributed Denial of Service(DDoS) attacks. Unfortunately, any of them has not been satisfactory. Recently, Yaar et al. suggested Pi (short for Path Identifier) marking scheme as one of solutions to thwart DDoS attacks, which is fast and effective in dropping the false positive and negative packets from users and attackers. They make use of the IP Identification field of which length is 16 bits as marking section. Every router en-route to the victim marks 1-bit or 2-bits by wrapping method sequentially. The victim drops the false positive and negative packets according to the attack markings list. The performance of Pi is measured for marking bit size of 1 or 2 bits. This paper suggests the method to decide the marking bit size dynamically in accordance with the number of hop counts. The performance is quite improved, compared with the existing one.

AB - Many Researchers have tried to design mechanisms to resist Distributed Denial of Service(DDoS) attacks. Unfortunately, any of them has not been satisfactory. Recently, Yaar et al. suggested Pi (short for Path Identifier) marking scheme as one of solutions to thwart DDoS attacks, which is fast and effective in dropping the false positive and negative packets from users and attackers. They make use of the IP Identification field of which length is 16 bits as marking section. Every router en-route to the victim marks 1-bit or 2-bits by wrapping method sequentially. The victim drops the false positive and negative packets according to the attack markings list. The performance of Pi is measured for marking bit size of 1 or 2 bits. This paper suggests the method to decide the marking bit size dynamically in accordance with the number of hop counts. The performance is quite improved, compared with the existing one.

UR - http://www.scopus.com/inward/record.url?scp=24144502370&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=24144502370&partnerID=8YFLogxK

M3 - Conference contribution

VL - 3391

SP - 806

EP - 813

BT - Lecture Notes in Computer Science

A2 - Kim, C.

ER -