Scalable packet digesting schemes for IP traceback

Tsern-Huei Lee, Wei Kai Wu, Tze Yau William Huang

Research output: Contribution to journalConference articlepeer-review

37 Scopus citations


Identifying the sources of an attack is an important task in the Internet security area. An attack could consist of a large number of packet streams generated by many compromised slaves that consume resources associated with various network elements to deny normal services or a few offending packets to disable a system. Several techniques based on probabilistic samples of transit packets have been developed to determine the sources of large packet flows. It seems that logging of packet digests is necessary for traceback of an individual packet A clever technique based on Bloom filters has recently been proposed to generate the audit trails for each individual packet within the network. The scheme is effective. However, the storage requirement is approximately 0.5% of the link capacity, which becomes a problem as link capacity increases. In this paper, we propose packet digesting schemes for flows and sets of packets sharing the same source and destination addresses. Compared with the individual packet digesting scheme, these schemes can achieve similar goals and are much more scalable. Simulations with real Internet traffic show that the storage requirements of our proposed schemes are one to two orders of magnitude lower.*.

Original languageAmerican English
Article number1312653
Pages (from-to)1008-1013
Number of pages6
JournalIEEE International Conference on Communications
StatePublished - 20 Jun 2004
Event2004 IEEE International Conference on Communications - Paris, France
Duration: 20 Jun 200424 Jun 2004

Fingerprint Dive into the research topics of 'Scalable packet digesting schemes for IP traceback'. Together they form a unique fingerprint.

Cite this