This letter proposes an IP traceback scheme based on the hop count. The proposed scheme solves the limitation of a storage capacity in a conventional scheme that stores all the packets passing through each router in an autonomous system. In the proposed scheme, each router detects spoofed packets, logs the hashes of only the detected packets, and stores them by using the Bloom filter. To detect spoofed packets, each router compares their time-to-live values with the expected values on our hop count table, which is maintained by a link-state routing protocol at each router. Numerical results show that the proposed scheme reduces the storage capacity effectively, compared with the conventional scheme.
View full abstract