Flexible Deterministic Packet Marking CSE Paper Presentation .Internet Protocol (IP) trace back is the enabling technology to control Internet crime. Without a proper termination condition, the attack graph constructed by the PPM algorithm would be wrong. There are quite many defects in the existing system.
It is not easy to find out pack travel path, the packet can be lost and duplicate packets can be received by the receiver. If this process is repeated over and over receiver will not have any original packet because of the increase in duplication of messages.
However, the FDPM algorithm provides an autonomous way for the original PPM algorithm to determine its termination. The most significant merit of the FDPM algorithm is that when the algorithm terminates it guarantees that the constructed attack graph is correct, with a specified level of confidence.
We carry out simulations on the FDPM algorithm and show that the FDPM algorithm can guarantee the correctness of the constructed attack graph.
Different probabilities that a router marks the attack packets .It is easy to find out packet loss, Duplicate packets and find out each and every packet path. It also reduces the network traffic. In this paper, we present a novel and practical IP traceback system called Flexible Deterministic Packet Marking (FDPM), which provides a defense system with the ability to find out the real sources of attacking packets that traverse through the network.
While a number of other traceback schemes exist, FDPM provides innovative features to trace the source of IP packets and can obtain better tracing capability than others. In particular, FDPM adopts a flexible mark length strategy to make it compatible to different network environments; it also adaptively changes its marking rate according to the load of the participating router by a flexible flow-based marking scheme.
Evaluations on both simulation and real system implementation demonstrate that FDPM requires a moderately small number of packets to complete the traceback process; add little additional load to routers and can trace a large number of sources in one traceback process with low false positive rates.
The built-in overload prevention mechanism makes this system capable of achieving a satisfactory traceback result even when the router is heavily loaded. The motivation of this traceback system is from DDoS defense.
It has been used to not only trace DDoS attacking packets but also enhance filtering attacking traffic. It has a wide array of applications for other security systems. We present a novel and practical IP trace back system called Flexible Deterministic Packet Marking (FDPM).
FDPM provides a defense system with the ability to find out the real sources of attacking packets that traverse through the network. FDPM requires a moderately small number of packets to complete the Trace back process.