Increasing the effectiveness of packet marking schemes using wrap‐around counting Bloom filter. Issue 16 (7th July 2016)
- Record Type:
- Journal Article
- Title:
- Increasing the effectiveness of packet marking schemes using wrap‐around counting Bloom filter. Issue 16 (7th July 2016)
- Main Title:
- Increasing the effectiveness of packet marking schemes using wrap‐around counting Bloom filter
- Authors:
- Saurabh, Samant
Sairam, Ashok Singh - Abstract:
- Abstract: Latest variants of denial‐of‐service attack like low‐rate denial‐of‐service attack require very few packets for launching an attack. As a result, reducing the number of packets required for IP traceback has gained considerable importance. In packet marking schemes, routers probabilistically mark the packets. Therefore, a large number of packets is required by the victim to reconstruct the complete attack path. In this paper, we introduce an efficient data structure known as wrap‐around counting Bloom filter (WCBF) to minimize the required number of packets. WCBF maintains a set of cyclic counters to decide which particular mark needs to be sent to the victim for faster IP traceback. We prove the efficacy of our technique by performing detailed theoretical analysis and confirm it using extensive experimental results. In case of probabilistic packet marking, the proposed scheme reduces the number of packets by 5–10 times. Likewise, in case of deterministic packet marking, the number of packets required is reduced by 2–4 times. We also show that WCBF can be incorporated with different variants of probabilistic packet marking and deterministic packet marking to obtain effective results. Finally, we highlight the benefits of WCBF over the other traceback schemes like logging and hybrid traceback. Copyright © 2016 John Wiley & Sons, Ltd. Abstract : In this paper, we propose a novel technique to minimize the number of packets required for IP traceback for the packetAbstract: Latest variants of denial‐of‐service attack like low‐rate denial‐of‐service attack require very few packets for launching an attack. As a result, reducing the number of packets required for IP traceback has gained considerable importance. In packet marking schemes, routers probabilistically mark the packets. Therefore, a large number of packets is required by the victim to reconstruct the complete attack path. In this paper, we introduce an efficient data structure known as wrap‐around counting Bloom filter (WCBF) to minimize the required number of packets. WCBF maintains a set of cyclic counters to decide which particular mark needs to be sent to the victim for faster IP traceback. We prove the efficacy of our technique by performing detailed theoretical analysis and confirm it using extensive experimental results. In case of probabilistic packet marking, the proposed scheme reduces the number of packets by 5–10 times. Likewise, in case of deterministic packet marking, the number of packets required is reduced by 2–4 times. We also show that WCBF can be incorporated with different variants of probabilistic packet marking and deterministic packet marking to obtain effective results. Finally, we highlight the benefits of WCBF over the other traceback schemes like logging and hybrid traceback. Copyright © 2016 John Wiley & Sons, Ltd. Abstract : In this paper, we propose a novel technique to minimize the number of packets required for IP traceback for the packet marking schemes by introducing an efficient data structure known as wrap‐around counting Bloom filter (WCBF). In case of probabilistic packet marking (PPM), the proposed scheme reduces the required number of packets by 5–10 times. Likewise, in case of deterministic packet marking (DPM), the number of packets required is reduced by 2–4 times. Moreover, WCBF can be incorporated with all the different variants and extensions of PPM and DPM. … (more)
- Is Part Of:
- Security and communication networks. Volume 9:Issue 16(2016)
- Journal:
- Security and communication networks
- Issue:
- Volume 9:Issue 16(2016)
- Issue Display:
- Volume 9, Issue 16 (2016)
- Year:
- 2016
- Volume:
- 9
- Issue:
- 16
- Issue Sort Value:
- 2016-0009-0016-0000
- Page Start:
- 3467
- Page End:
- 3482
- Publication Date:
- 2016-07-07
- Subjects:
- Bloom filter -- distributed denial of service attack -- IP traceback -- deterministic packet marking -- probabilistic packet marking -- network security
Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122 ↗
https://www.hindawi.com/journals/scn/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1002/sec.1554 ↗
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 48.xml