Performance Analysis of a TTL-Based Dynamic Packet Marking Scheme in IP Traceback
Xuan-Hien Dang and Shanmuga Devasundaram
International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS 2007)
San Diego, California (USA), July 16-18, 2007
Packet marking is an IP traceback approach that calls for routers to mark packets with self-identifying information to help in tracing back to the packet origin in the context of a DoS attack. In Probabilistic Packet Marking (PPM), routers probabilistically decide whether or not to mark packets. However, a fixed marking probability set for all routers in PPM has proved to be ineffective, as marked packets from distant routers are more likely to be re-marked by downstream routers. In this work we propose an algorithm to dynamically set the value of the marking probability based on the Time-To-Live (TTL) field in the IP header, which is a value that is directly accessible to routers without external support. We present simulation results to show the efficacy of our dynamic marking scheme, which offers significantly higher precision with less overhead both at the router and at the victim in reconstructing the attack path.
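The re-marking problem described above can be computed exactly. The following is an added example, not code or the algorithm from the paper: it compares a fixed marking probability with an assumed TTL-derived rule in which a router that estimates it is the i-th hop marks with probability 1/i. The rule, the list of initial TTL values and all function names are assumptions made for illustration.

```python
from fractions import Fraction

COMMON_INITIAL_TTLS = (32, 64, 128, 255)  # assumption: typical sender defaults

def hops_travelled(ttl):
    """Estimate hops already traversed from the TTL a router sees on arrival."""
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= ttl)
    return initial - ttl

def fixed_p(p):
    """Classic PPM: every router uses the same marking probability."""
    return lambda ttl: p

def ttl_based_p(ttl):
    """Assumed dynamic rule (not the paper's): i-th router marks with 1/i."""
    return Fraction(1, hops_travelled(ttl) + 1)

def surviving_marks(path_len, initial_ttl, prob_fn):
    """Walk one packet down the path, router 1 (nearest the source) first.

    Returns (dist, unmarked): dist[i] is the probability the packet reaches
    the victim still carrying router i+1's mark; unmarked is the probability
    that no router marked it at all.
    """
    dist, unmarked, ttl = [Fraction(0)] * path_len, Fraction(1), initial_ttl
    for i in range(path_len):
        p = prob_fn(ttl)
        dist = [q * (1 - p) for q in dist]  # a new mark overwrites older ones
        unmarked *= 1 - p
        dist[i] = p
        ttl -= 1  # each router decrements TTL before forwarding
    return dist, unmarked

if __name__ == "__main__":
    for name, fn in (("fixed p=1/25", fixed_p(Fraction(1, 25))),
                     ("TTL-based", ttl_based_p)):
        dist, unmarked = surviving_marks(15, 64, fn)
        print(f"{name}: farthest={float(dist[0]):.4f} "
              f"nearest={float(dist[-1]):.4f} unmarked={float(unmarked):.4f}")
```

With the fixed probability, the farthest router's mark arrives less often than the nearest router's and more than half of the packets arrive unmarked; under the assumed 1/i rule every router on the path is equally represented at the victim.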