查看文章

Distributed denial-of-service (DDoS) is a rapidly growing problem. In a typical DDOS attacks a large number of compromised hosts (Zombies) are amassed to send useless packets to jam the victim, or its Internet connection or both. The problem of identifying the attack sources is one of the hardest threats in internet security due to the similarity between the legitimate and illegitimate traffic. Firstly, it is important characteristics of the DDOS attacks that they hide their identities/origins (IP Spoofing). Secondly, the stateless nature of the IP routing where routers normally know only the next hop for the forwarding of packets rather than the complete end to end route taken by each packet make IP traceback difficult. IP traceback (the ability to trace IP packets from source to destination) is a significant step toward identifying and, thus, stopping, attackers. This Review paper evaluates and describes the effectiveness of different …