Journal of Computer Applications, 2009, Vol. 29, Issue (05): 1316-1320.

• Information Security •

Improved route packet marking tracking scheme

徐劲松

  1. Nanjing University of Posts and Telecommunications
  • Received: 2008-12-05 Revised: 2009-02-10 Online: 2009-06-09 Published: 2009-05-01
  • Corresponding author: 徐劲松
  • Funding:
    University-level fund

Abstract: A packet marking scheme based on the Chinese remainder theorem is proposed for tracing back the sources of distributed denial of service attacks. The scheme uses the uniqueness of the Chinese remainder to mark the characteristics of IP blocks. Compared with other packet marking algorithms, its computation is simple and it effectively avoids Hash collisions. Without assuming that the victim holds network topology information, the victim can reconstruct the attack paths from relatively few marked packets in a relatively short time. In attacks of relatively large volume, the scheme effectively reduces false positives in the reconstructed paths, and it also computes faster than other packet marking schemes. Simulation results verify the correctness and effectiveness of the scheme in route traceback.

Keywords: Distributed Denial of Service (DDoS) attacks, router, trace, Packet Marking (PM)
