Skip to main content
SpringerLink
Log in

Feasible DDoS attack source traceback scheme by deterministic multiple packet marking mechanism

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

A main purpose of network security is to secure the system and its element parts from illegal access and misuse. Distributed denial of service (DDoS) attack is a crucial risk to the internet. A source traceback is a technology to control each and every computer crime. A feasible DDoS attack source traceback technique based on marking on demand (MOD) scheme is proposed to detect computer attack by using multiple packets for marking coding. In this proposed scheme, the MOD scheme is based on the deterministic multiple packet marking mechanism. Depending upon this finding, the proposed technique basically addresses the scalability issue of existing deterministic packet marking-based traceback schemes and perhaps to traceback to the individual cooperated computers more willingly than the present defined routers of attacking computers. Also, this technique is used to identify the malicious users who form the volume of traffic necessary to reject a service to computer user. To traceback the engaged attack source, there is a need to mark these engaged ingress routers by deterministic multiple packet marking mechanism. Simultaneously, the MOD server reports information of the marks and their connected requesting IP addresses. Once DDoS attack is proved, the victim will acquire attack sources through requesting MOD server by marks refined from attack packets. The confirmed DDoS attack is identified when it is higher than the tested threshold value. In this study, a mathematical model is established to prove the efficiency of the proposed source traceback technique in both real-world experiments and theoretical analysis. Extensive real-world experiments and theoretical analysis show that the proposed technique is efficient and feasible.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Source: Author

Fig. 2

Source: Author

Fig. 3

Source: Author

Fig. 4

Source: Author

Fig. 5

Source: Author

Fig. 6

Source: Author

Similar content being viewed by others

References

  1. Yu S, Zhou W, Jia W, Guo S, Xiang Y, Tang F (2012) Discriminating DDoS attacks from flash crowds using flow correlation coefficient. IEEE Trans Parallel Distrib Syst 23(6):794–805

    Google Scholar 

  2. Yu S, Tian Y, Guo S, Wu D (2014) Can we beat DDoS attacks in cloud? IEEE Trans Parallel Distrib Syst 25(9):2245–2254

    Google Scholar 

  3. Yu S, Zhou W, Doss R, Jia W (2011) Traceback of DDoS attacks using entropy variations. IEEE Trans Parallel Distrib Syst 22(3):412–425

    Google Scholar 

  4. Kaur S, Kumar R, Gopal G (2016) DDOS attacks: trends, challenges and possible solutions. Int J Sci Res Dev 4(04):1225–1232

    Google Scholar 

  5. Belenky A, Ansari N (2003) IP traceback with deterministic packet marking. IEEE Commun Lett 7(4):162–164

    Google Scholar 

  6. Revathi A, Vijayalakshmi J, Robin CRR (2017) An approach to traceback the IP packets dynamically in DDoS attack. Int J Latest Trends Eng Technol Special Issue NCRTCC, 026–031

  7. Yu S, Doss R, Zhou W (2008) Information theory based detection against network behavior mimicking DDoS attacks. IEEE Commun Lett 12(4):319–321

    Google Scholar 

  8. Yu S, Guo S, Stojmenovic I (2015) Fool me if you can: mimicking attacks and anti-attacks in cyberspace. IEEE Trans Comput 64(1):139–151

    MathSciNet  MATH  Google Scholar 

  9. Yu S, Zhou W, Guo S, Guo M (2016) A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans Comput 65(5):1418–1427

    MathSciNet  MATH  Google Scholar 

  10. Belenky A, Ansari N (2007) On deterministic packet marking. Comput Netw 52(10):2677–2700

    MATH  Google Scholar 

  11. Xiang Y, Zhou W, Guo M (2008) Flexible deterministic packet marking: an IP traceback system to find the real source of attacks. IEEE Trans Parallel Distrib Syst 20(4):567–580

    Google Scholar 

  12. Liu J, Lee Z, Chung Y (2007) Dynamic probabilistic packet marking for efficient IP traceback. Comput Netw 51:866–882

    MATH  Google Scholar 

  13. John A, Sivakumar T (2009) DDoS: survey of traceback methods. Int J Recent Trends Eng 1(2):241–245

    Google Scholar 

  14. Yu S et al (2015) A feasible IP traceback framework through dynamic deterministic packet marking. IEEE Trans Comput 65:1–11

    MathSciNet  Google Scholar 

  15. Parameswari M, Sukumaran S (2016) Dynamic detection and protection mechanism against distributed denial of service attacks using fuzzy logic. Int J Appl Eng Res 4(7):5332–5337

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Technology, Faculty of CSE, Sathyabama Institute of Science and Technology, Rajiv Gandhi Salai, Jeppiaar Nagar, Chennai, Tamil Nadu, 600119, India

    S. Suresh

  2. Department of CSE, Sriram Engineering College, Perumalpattu, Veppampattu [R.S], Thiruvallur District, Chennai, Tamil Nadu, 602024, India

    N. Sankar Ram

Authors
  1. S. Suresh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. N. Sankar Ram
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to S. Suresh.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Suresh, S., Sankar Ram, N. Feasible DDoS attack source traceback scheme by deterministic multiple packet marking mechanism. J Supercomput 76, 4232–4246 (2020). https://doi.org/10.1007/s11227-018-2323-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-018-2323-8

Keywords

Search

Navigation