A new marking scheme to defend against distributed denial of service attacks

Zhiqiang Gao, Nirwan Ansari, Karunakar Anantharam

Research output: Contribution to conferencePaperpeer-review

8 Scopus citations

Abstract

In this paper, we propose a new mechanism to defend against Distributed Denial of Service (DDoS) attacks with path information rather than IP address information. Instead of the complete binary tree model, our proposal is based on the Four Color Theorem. The salient feature of the Theorem is that it allows color reuse so that even some portions of the map have more than 4 neighbors, 4 colors are still sufficient to mark all their borders. This idea of reuse is very important because some routers have many interfaces and the length of the ID field in the header of an IP packet, where the marking information is embedded, is very limited. Furthermore, our marking scheme takes the Internet hierarchy into account, and greatly relaxes the limitation on the number of interfaces of routers, thus making the scheme more practical. Simulation results have validated our design.

Original languageEnglish (US)
Pages2256-2260
Number of pages5
StatePublished - 2004
EventGLOBECOM'04 - IEEE Global Telecommunications Conference - Dallas, TX, United States
Duration: Nov 29 2004Dec 3 2004

Other

OtherGLOBECOM'04 - IEEE Global Telecommunications Conference
Country/TerritoryUnited States
CityDallas, TX
Period11/29/0412/3/04

All Science Journal Classification (ASJC) codes

  • General Engineering

Keywords

  • DoS/DDoS attack
  • Four color theorem
  • Marking
  • Network security

Fingerprint

Dive into the research topics of 'A new marking scheme to defend against distributed denial of service attacks'. Together they form a unique fingerprint.

Cite this