Abstract
Identifying the source address of an IP packet is difficult with the IP protocol. Consequently, it has been difficult to resolve distributed denial of service (DDoS) attacks on the Internet. This paper presents an autonomous system (AS) methodology for IP traceback based on the probabilistic packet marking (PPM) scheme. Although many PPM mechanisms have been proposed, almost all assume that every router in the Internet supports PPM. Such an assumption is impractical for operational and deployment reasons. In this paper, we design an IP traceback technique that extends the architecture to a 32-bit AS number. Our proposed method combines the Internet topology with PPM, a combination that has not previously been discussed in detail. Discussing the optimum probability for packet marking requires considering both the network topology properties and the router load. We demonstrate our results with our implementation and verify that marking does not have an impact on performance. The results imply that the optimum probability can be calculated from the topology property alone. In our calculations, an optimum probability of 0.092 is obtained. © 2011 IEEE.