Overview of Traceback Mechanisms and Their Applicability

Heung-Youl YOUM  

IEICE TRANSACTIONS on Information and Systems   Vol.E94-D   No.11   pp.2077-2086
Publication Date: 2011/11/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E94.D.2077
Print ISSN: 0916-8532
Type of Manuscript: INVITED PAPER (Special Section on Information and Communication System Security)
traceback,  packet logging,  packet marking,  overlay network,  hybrid traceback,  denial of service,  

Full Text: FreePDF(1.8MB)

As an increasing number of businesses and services depend on the Internet, protecting them against DDoS (Distributed Denial of Service) attacks becomes a critical issue. A traceback is used to discover technical information concerning the ingress points, paths, partial paths or sources of a packet or packets causing a problematic network event. The traceback mechanism is a useful tool to identify the attack source of the (DDoS) attack, which ultimately leads to preventing against the DDoS attack. There are numerous traceback mechanisms that have been proposed by many researchers. In this paper, we analyze the existing traceback mechanisms, describe the common security capabilities of traceback mechanisms, and evaluate them in terms of the various criteria. In addition, we identify typical application of traceback mechanisms.