Abstract:
Advanced and Authenticated Packet Marking (AAPM) scheme is one of the proposed packet marking schemes for the traceback of Denial of Service (DoS) attacks. AAPM uses hash functions to reduce the storage space requirement for encoding of router information in the IP header. In this paper we take the perspective of the attacker and analyze the effects of inserting fake edges against AAPM. Since the AAPM scheme is subject to spoofing of the marking field, by inserting fake edges (corrupting the marking field) in the packets the attacker can impede traceback. In this paper, we show that the attacker can increase this distance by inserting fake edges in packets. Therefore, the attacker can make it appear to the victim that the attack was launched from a node farther away than it actually was, thus maintaining his own anonymity.
