TDFA: Traceback-Based Defense against DDoS Flooding Attacks
Citations
[...]
85 citations
57 citations
Cites methods from "TDFA: Traceback-Based Defense again..."
...For the testing experiments, many previous works [20]– [22] use the ”DDoS Attack 2007” dataset [23] for the attack traffic data and one of the ”CAIDA Anonymized Internet Traces Datasets” from 2008 to 2015 for the normal traffic data....
[...]
44 citations
Cites background from "TDFA: Traceback-Based Defense again..."
...The majority focus on implementing new detection techniques to infer DDoS attacks [46–49], tracing-back the sources of attacks [50,51], investigating spoofed attacks [52] and visualizing attacks [53– 55]....
[...]
26 citations
24 citations
References
1,596 citations
"TDFA: Traceback-Based Defense again..." refers background in this paper
...…address of the egress interface of the edge router; (ii) the network interface identifier (NI-ID), which is an identifier assigned to each interface of either the MAC address of a network interface on the edge router, or the VLAN ID of a virtual interface if the edge router uses VLAN interfaces;…...
[...]
808 citations
"TDFA: Traceback-Based Defense again..." refers background in this paper
...In a situation when the attacker spoofs the source MAC address of the attack packets with several valid MAC addresses in the network, then DFM can infer the source of an attack up to the ingress interface of the attacker end edge router....
[...]
508 citations
"TDFA: Traceback-Based Defense again..." refers methods in this paper
...The 60-bits identification data is divided into K fragments; therefore the mark contains M=60/K bits of the identification data and S=log2(K) bits are required to identify a fragment....
[...]
507 citations
"TDFA: Traceback-Based Defense again..." refers background in this paper
...In a situation when the attacker spoofs the source MAC address of the attack packets with several valid MAC addresses in the network, then DFM can infer the source of an attack up to the ingress interface of the attacker end edge router....
[...]
...When a packet of an unseen flow arrives at the destination node, the DFMD module extracts the marking information of this flow from the marked packets, identified by F flag....
[...]
405 citations
"TDFA: Traceback-Based Defense again..." refers background in this paper
...In a situation when the attacker spoofs the source MAC address of the attack packets with several valid MAC addresses in the network, then DFM can infer the source of an attack up to the ingress interface of the attacker end edge router....
[...]
...When a packet of an unseen flow arrives at the destination node, the DFMD module extracts the marking information of this flow from the marked packets, identified by F flag....
[...]