A study on implementing probabilistic packet marking in IPv6

Document Type

Conference Proceeding

Source of Publication

International Symposium on Performance Evaluation of Computer and Telecommunication Systems 2006, SPECTS'06, Part of the 2006 Summer Simulation Multiconference, SummerSim'06

Publication Date

12-1-2006

Abstract

Lack of source authentication in the IP protocol helps to encourage denial-of-service attacks. The open and trusting nature of the protocol makes the task of identifying an attacker difficult if the attacker chooses to spoof the source address. Probabilistic Packet Marking (PPM) is an IP traceback approach that seeks to identify attackers by marking individual packets with portion of the attack path, and relies on the volume of attack traffic generated to reconstruct the whole path. In this work, we consider the fragmentation problem associated with the overloading of the identification field in IPv4 packet header in PPM implementation, and demonstrate how this can be resolved in IPv6. We show that the flow label field in the IPv6 datagram header can be safely and effectively overloaded to implement PPM schemes, and present simulation results verifying the applicability and efficiency of our approach.

ISBN

9781622763535

First Page

415

Last Page

422

Disciplines

Business

Keywords

IP traceback, IPv6, Probabilistic packet marking, Security

Scopus ID

84870033338

Indexed in Scopus

yes

Open Access

no

This document is currently not available here.

Share

COinS