A novel mechanism based on Probabilistic Packet Marking (PPM) for IP traceback is presented. Our proposal enhances the performance of PPM in the following aspects. First, PPM can effectively trace Denial of Service (DoS) attacks and small-scale Distributed DoS (DDoS) attacks only while our proposal may also be used to tackle large-scale DDoS attacks. Second, our scheme eliminates a serious vulnerability of PPM, i.e., spoofed marking inscribed by the attacker intentionally. Third, by optimizing the marking probability and refining the marking mechanism, our scheme can significantly reduce the number of packets required for path reconstruction. In comparison with PPM, as many as 41.31% of marked packets required for a single path reconstruction may be reduced using our scheme.