Other Approaches
Hal Burch and William Cheswick propose a controlled flooding of links to determine how this flooding affects the attack stream. Flooding a link will cause all packets, including packets from the attacker, to be dropped with the same probability. We can conclude from this that if a given link were flooded, and packets from the attacker slowed, then this link must be part of the attack path. Then recursively upstream routers are “coerced” into performing this test until the attack path is discovered.
The traceback problem is complicated because of spoofed packets. Thus, a related effort is targeted towards preventing spoofed packets; known as ingress filtering. Ingress Filtering restricts spoofed packets at ingress points to the network by tracking the set of legitimate source networks that can use this router.
Park and Lee present an extension of Ingress Filtering at layer 3. They present a means of detecting false packets, at least to the subnet, by essentially making use of existing OSPF routing state to have routers make intelligent decisions about whether or not a packet should be routed.
Read more about this topic: IP Traceback
Famous quotes containing the word approaches:
“No one ever approaches perfection except by stealth, and unknown to themselves.”
—William Hazlitt (1778–1830)
“Perfect happiness I believe was never intended by the deity to be the lot of any one of his creatures in this world; but that he has very much put in our power the nearness of our approaches to it, is what I steadfastly believe.”
—Thomas Jefferson (1743–1826)