This paper proposes an IP traceback mechanism for a large scale distributed online system. The proposed system is based on replication and tolerates arbitrary failures of servers. The service based on security concerns of server is implemented by IP trace back system based on Deterministic Packet Marking scheme (DPM). One of the major intimidations to the current networks is Distributed Denial of Service (DDoS) attack. Although many mechanisms are developed to detect the origin of DDoS attacks. The main issue concerned with detection systems is IP spoofing. As the detection scheme relies only on the marked information in the packet header fields, the source of the spoofed packets can also be accurately identified. It provides a protective system with ability to reconstruct the source IP when required. The main objective of this paper is to propose an effective trace back mechanism for DDoS attacks using Extended-DPM scheme. The proposed scheme is applied to an online system, which in turn improves the security process involved in the system. It resolves the disadvantages of existing methods by increasing throughput of processing server.
展开▼
