Packet marking probability selecting method and device for inter-domain retrospect

A marking and probabilistic technology, applied in the Internet field, can solve problems such as inaccurate attack paths, increasing router marking overhead, and inability to defend against counterfeit markings, so as to avoid repeated marking, reduce marking overhead, and improve reconstruction speed.

Inactive Publication Date: 2010-12-15
TSINGHUA UNIV
View PDF1 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the selection of marking probability and the marking mechanism in the current various probabilistic packet marking technologies are not optimized enough
[0009] First, the victim needs to receive more data packets to reconstruct the attack path, which slows down the reconstruction speed of the attack path; second, it cannot prevent the attacker from forging the mark, causing the victim to reconstruct the attack path inaccurately; Third, the downstream router will overwrite the mark of the upstream router, resulting in repeated marks and increasing the router mark overhead

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Packet marking probability selecting method and device for inter-domain retrospect
  • Packet marking probability selecting method and device for inter-domain retrospect
  • Packet marking probability selecting method and device for inter-domain retrospect

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention.

[0031] The purpose of the present invention is to provide a better marking probability selection method and device for inter-domain traceability, suitable for IPv6 and IPv4.

[0032] first reference figure 1 , which is a flowchart of a method for selecting packet marking probability for inter-domain traceability according to an embodiment of the present invention.

[0033] Check the corresponding indicator bit (indicator bit) of the data packet entering or leaving the current AS at the interface of the BGP router of the current autonomo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a packet marking probability selecting method and a packet marking probability selecting device for inter-domain retrospect. A corresponding indicating bit of a data packet entering or leaving the current AS is checked at an interface of a BGP router of the current autonomous system AS, which is externally connected with an adjacent AS; when the indicating bit of the data packet shows that the data packet has not been marked by the upstream AS, a BGP routing table is checked in the BGP router according to a prefix longest matching principle, and an AS_PATH attribute value of a corresponding routing table entry is obtained, so the corresponding AS hop count is obtained; a marking probability is set according to the AS hop count to mark the corresponding data packet; and when the marking is determined to be carried out, the indicating bit of the corresponding data packet is set to be marked. The method and the device have the advantages of high speed of reconstructing attack paths, accuracy of reconstructing the attack paths and low router marking overhead.

Description

technical field [0001] The invention belongs to the technical field of the Internet, and in particular relates to a method for selecting packet mark probability for inter-domain traceability. Background technique [0002] Due to the defect in the initial design of TCP / IP (Transmission Control Protocol / Internet Protocol), the network does not verify the source address of the data packet, but only routes according to the destination address, and forwards the data packet to the destination. Attackers use this vulnerability to forge source addresses to attack remote hosts or networks, but victims often cannot effectively block attacks in real time, trace the source, accurately locate the attacker, and hold them accountable. [0003] IP traceability technology can determine the location of the network node that sent the attack packet and the transmission path of the attack packet. The trace process is carried out with the assistance of a series of routers. This type of technolog...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06H04L45/28
Inventor 毕军田红成张威
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap