The full text of this article


Vulnerabilities in distance-indexed IP traceback schemes
by Jianping Pan, Lin Cai, Xuemin Sherman Shen
International Journal of Security and Networks (IJSN), Vol. 2, No. 1/2, 2007


Abstract: In order to counter Denial-of-Service (DoS) attacks using spoofed source addresses, many IP traceback schemes have been proposed in the last few years. Among them, distance-indexed probabilistic packet marking schemes appear to be very attractive. In this paper, we first discover two intrinsic vulnerabilities in these schemes. Substantiated by efficacy analysis and numerical results, several exploits are designed to take advantage of these vulnerabilities in an efficient manner when compared with the traceback effort attempted by victims. Consequently, we show that the design goal of these schemes can be compromised in practice. Further, we discuss these vulnerabilities in a general context relevant to network protocols and examine a few possible alternatives.

Online publication date: Fri, 16-Mar-2007


is only available to individual subscribers or to users at subscribing institutions.

Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Security and Networks (IJSN):
Login with your Inderscience username and password:


    Username:        Password:         

Forgotten your password?

Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email