208
Rashmi V. Deshmukh and Kailas K. Devadkar / Procedia Computer Science 49 ( 2015 ) 202 – 210
Certain methods used for tracing and identifying the attacker as as shown on table 2. Besides many techniques used
to stop DDoS attacks but not all of the can be detected and prevented. All that can be done is to reduce the impact of
the attack.
Table 2. Traceback Methods
Method
Description
ICMP traceback
The mechanism deals with forwarding low probability packets to each router and also sends an ICMP traceback
message to destination. With major no of ICMP messages which used to identify attacker, faces issues like additi-
onal tra
ffi
c, also the validation of these packets is di
ffi
cult and moreover path detection overhead of information fr-
om route map.
IP traceback
This method traces back the attacker’s path to find the origin of attack. In this technique the path of attacker is foll-
owed back to find its source. But this becomes di
ffi
cult if source accountability in TCP
/
IP protocol is disabled and
also internet is stateless
29
.
Link-testing traceback
This mechanism tests each of incoming links to check the probability of it being an attack. This is done by flooding
large tra
ffi
c and testing if it causes any network disruption. But the precondition to do this would be system that w-
ill be able to flood tra
ffi
c and information about topology of network
28
.
Probabilistic packet marking
This technique overcomes drawbacks of link-testing traceback as it does not require previous knowledge of netw-
ork topology, large tra
ffi
c etc. This advantage also overheads the systems but there are many methods to avoid this
overhead as proposed in
27
.
Dostları ilə paylaş: