Tracemax: A Novel Single Packet IP Traceback Strategy for Data-Flow Analysis

by   Peter Hillmann, et al.

The identification of the exact path that packets are routed on in the network is quite a challenge. This paper presents a novel, efficient traceback strategy named Tracemax in context of a defense system against distributed denial of service (DDoS) attacks. A single packet can be directly traced over many more hops than the current existing techniques allow. In combination with a defense system it differentiates between multiple connections. It aims to letting non-malicious connections pass while bad ones get thwarted. The novel concept allows detailed analyses of the traffic and the transmission path through the network. The strategy can effectively reduce the effect of common bandwidth and resource consumption attacks, foster early warning and prevention as well as higher the availability of the network services for the wanted customers.



There are no comments yet.


page 1

page 2

page 3

page 4


A Survey of Distributed Denial of Service Attacks and Defenses

A distributed denial-of-service (DDoS) attack is an attack wherein multi...

Mitigating Low-volume DoS Attacks with Data-driven Resource Accounting

Low-volume Denial-of-Service (μDoS) attacks have been demonstrated to fu...

Evaluating Snowflake as an Indistinguishable Censorship Circumvention Tool

Tor is the most well-known tool for circumventing censorship. Unfortunat...

Dynamic MTU for Reducing the Packet Drop in IPv6 Protocol

With an increase in the number of internet users and the need to secure ...

You Do (Not) Belong Here: Detecting DPI Evasion Attacks with Context Learning

As Deep Packet Inspection (DPI) middleboxes become increasingly popular,...

MPD: Moving Target Defense through Communication Protocol Dialects

Communication protocol security is among the most significant challenges...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.