Extended deterministic edge router marking Online publication date: Sat, 30-Aug-2014
by Samant Saurabh; Sangita Roy; Ashok Singh Sairam
International Journal of Communication Networks and Distributed Systems (IJCNDS), Vol. 13, No. 2, 2014
Abstract: In this paper, a novel deterministic edge router marking scheme to mitigate denial of service (DoS) attacks and perform traceback is proposed. The scheme is compatible to packet fragmentation and at the same time does not add space overhead. The proposed technique produces low false positive as well as adds very low processing and storage overhead at the edge router. An issue with existing filtering scheme for DoS attacks is that they suffer from heavy collateral damage. Our proposed scheme minimises collateral damage using signature pushback and allows legitimate traffic to be served smoothly. We optimise pushback by using Lamport hash chain and filtering time by sorting the attack feature based on its entropy. Empirical results confirm that our system is fast, accurate, scalable and greatly reduces blocking of legitimate traffic during the filtering phase.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Communication Networks and Distributed Systems (IJCNDS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook