Download presentation
Presentation is loading. Please wait.
Published byShawn Juniper Griffin Modified over 9 years ago
1
A Divide-and-Conquer Strategy for Thwarting DDoS Attacks Randolph Marchany (VT) Jung-Min Park (VT) Ruiliang Chen (VT) Presented by Panoat Chuchaisri
2
Outline Proposed scheme –AD : Attack Diagnosis –PAD : Parallel Attack Diagnosis Overview Simulation Results Conclusion
3
AD & PAD Features Support ideal DDoS countermeasure paradigm No overhead during normal traffic Deterministic packet marking Provide adjustable parameter Do not require global key distribution
4
Overview PID 4-8-24-42
5
Overview (contd.) Mark packet using 16-bit identification field and 1 reserved bit in IP header Use –a-bit hop-count field –b-bit PID field –c-bit XOR field a + b + c = 17, b ≥ c
6
Overview (contd.) ADMM (Active DMM) –Set hop-count field to zero –Copy own PID into PID field –Copy last c bits of PID to XOR field PDMM (Passive DMM) –Increase hop-count field by one –XOR field = last c bits of PID XOR field
7
AD DAI ■ ADMM ■ PDMM 27 42 21 24 7 62 DAI DII 42 36 52 8 47 29 18 21 4 DII 24
8
PAD Traceback multiple attack path simultaneously DII 42 → DII 42,27 Identify upstream interface using XOR
9
hopPIDXOR PAD DAI DII 27,42 27 42 21 24 62 7 24 50 19 0 42 27 2450 41 1
10
Simulation Results
11
Simulation Results (contd.)
12
UNACCEPTABLE
13
Conclusion AD and PAD employ divide-and-conquer strategy to isolate attackers Combine traceback and filtering technique Suffer deployment problem
14
Thank You!
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.