Tracemax: A Novel Single Packet IP Traceback Strategy for Data-Flow Analysis
This addresses the problem of DDoS attacks for network security systems, offering an incremental improvement in traceback efficiency.
The paper tackles the challenge of identifying packet routing paths in networks by introducing Tracemax, a novel single-packet IP traceback strategy that enables tracing over more hops than existing techniques, and it effectively reduces the impact of DDoS attacks while allowing non-malicious connections to pass.
The identification of the exact path that packets are routed on in the network is quite a challenge. This paper presents a novel, efficient traceback strategy named Tracemax in context of a defense system against distributed denial of service (DDoS) attacks. A single packet can be directly traced over many more hops than the current existing techniques allow. In combination with a defense system it differentiates between multiple connections. It aims to letting non-malicious connections pass while bad ones get thwarted. The novel concept allows detailed analyses of the traffic and the transmission path through the network. The strategy can effectively reduce the effect of common bandwidth and resource consumption attacks, foster early warning and prevention as well as higher the availability of the network services for the wanted customers.