Tracing to the source of a denial of service attack with an improved IP packet marking algorithm

Abstract

Disruptive DOS attacks have been on the increase since 2000, and tracing the source of an attack remains the most effective remedy, since litigation, policy and other measures can then be effected. Many tracing algorithms are complex requiring high computational resources and network overheads, while reactive methodologies are disruptive and can be considered to be denial of service attacks in themselves. An algorithm to trace a denial of service attack to its source is designed and simulated. Simulations are used to show that DOS packets can be traced to their source with a simple yet effective and secure algorithm, while more simulations highlight the comparative complexity of the reactive approach to packet tracing. In the end it remains true that the distributed forms of Denial of Service attacks (DDOS) still pose a challenge as tracing can best be effected to the point of a suspect zombie.