@inproceedings{6372135239454c31a5ccd7de4dec86f1,
title = "Performance of IP address fragmentation strategies for DDoS traceback",
abstract = "Distributed denial-of-service (DDoS) attacks are among the most difficult and damaging security problems that the Internet currently faces. The component problems for an end-system that is the victim of a DDoS attack are: determining which incoming packets are part of the attack (intrusion detection); tracing back to find the origins of the attack (i.e., {"}traceback{"}); taking action to mitigate or stop the attack at the source by configuring firewalls or taking some kind of punitive measures. The preferable solution to these problems operates in real time so that a DDoS attack can be mitigated before the victim is seriously harmed. The paper focuses on the technique of packet marking/overloading for automated DDoS traceback which is a complex problem simply because attackers can use spoof source IP addresses in their attacking packets. A new packet marking strategy is proposed and is shown to yield better results in terms of complexity and performance.",
author = "I. Hamadeh and G. Kesidis",
note = "Publisher Copyright: {\textcopyright} 2003 IEEE.; 3rd IEEE Workshop on IP Operations and Management, IPOM 2003 ; Conference date: 01-10-2003 Through 03-10-2003",
year = "2003",
doi = "10.1109/IPOM.2003.1251217",
language = "English (US)",
series = "Proceedings of the 3rd IEEE Workshop on IP Operations and Management, IPOM 2003",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1--7",
editor = "Deep Medhi",
booktitle = "Proceedings of the 3rd IEEE Workshop on IP Operations and Management, IPOM 2003",
address = "United States",
}