Article: Scalable traceback against distributed denial of service Journal: International Journal of Web and Grid Services (IJWGS) 2006 Vol.2 No.2 pp.221 - 233 Abstract: Distributed Denial of Service (DDoS) attacks have recently emerged as one of the most potent, if not the greatest, weaknesses of the internet. Previous solutions for this problem try to traceback to the exact origin of the attack by requiring the participation of all routers. For many reasons this requirement is impractical. In the presence of non-participating routers most of the proposed schemes either fail in reconstructing the attack path or end up with an approximate location of the attacker. We propose Scalable Traceback (ST), an approach based on autonomous systems, to address this issue. ST has significant improvements over other works in several dimensions: (1) with just a few tens of packets, ST enables the victim to reconstruct the attack graph, an improvement of two to three orders of magnitude when compared to previous schemes; (2) ST scales to large distributed attacks with thousands of attacks; (3) the reconstruction takes only tens of seconds; (4) ST performs well even in the presence of legacy routers. Inderscience Publishers - linking academia, business and industry through research

Title: Scalable traceback against distributed denial of service

Authors: Mimoza Durresi, Leonard Barolli, Vamsi Paruchuri, Arjan Durresi

Addresses: Department of Information and Communication Engineering, Faculty of Information Engineering, Fukuoka Institute of Technology, 3–30–1 Wajiro-Higashi, Higashi-ku, Fukuoka 811–0295, Japan. ' Department of Information and Communication Engineering, Faculty of Information Engineering, Fukuoka Institute of Technology, 3–30–1 Wajiro-Higashi, Higashi-ku, Fukuoka 811–0295, Japan. ' Department of Computer Science, Louisiana State University, Baton Rouge, LA 70803, USA. ' Department of Computer Science, Louisiana State University, Baton Rouge, LA 70803, USA

Abstract: Distributed Denial of Service (DDoS) attacks have recently emerged as one of the most potent, if not the greatest, weaknesses of the internet. Previous solutions for this problem try to traceback to the exact origin of the attack by requiring the participation of all routers. For many reasons this requirement is impractical. In the presence of non-participating routers most of the proposed schemes either fail in reconstructing the attack path or end up with an approximate location of the attacker. We propose Scalable Traceback (ST), an approach based on autonomous systems, to address this issue. ST has significant improvements over other works in several dimensions: (1) with just a few tens of packets, ST enables the victim to reconstruct the attack graph, an improvement of two to three orders of magnitude when compared to previous schemes; (2) ST scales to large distributed attacks with thousands of attacks; (3) the reconstruction takes only tens of seconds; (4) ST performs well even in the presence of legacy routers.

Keywords: scalable traceback; traceback; distributed denial of service; DDoS; web services.

DOI: 10.1504/IJWGS.2006.010808

International Journal of Web and Grid Services, 2006 Vol.2 No.2, pp.221 - 233

Published online: 04 Sep 2006 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article

Title: Scalable traceback against distributed denial of service

Keep up-to-date