Hacking Path Retracing Algorithm using Packet Marking

패킷 마킹을 이용한 해킹경로 역추적 알고리즘

  • 원승영 ;
  • 한승완 ;
  • 서동일 ;
  • 김선영 ;
  • 오창석
  • Published : 2003.03.01


Retracing schemes using packet marking are currently being studied to protect network resources by isolating DDoS attack. One promising solution is the probabilistic packet marking (PPM). However, PPM can't use ICMP by encoding a mark into the IP identification field. Likewise, it can't identify the original source through a hash function used to encode trace information and reduce the mark size. In addition, the retracing problem overlaps with the result from the XOR operation. An algorithm is therefore proposed to pursue the attacker's source efficiently. The source is marked in a packet using a router ID, with marking information abstracted.


라우터 ID;패킷 마킹;역추적