الفهرس 
AbstractOnly 14 pages are availabe for public view
 |  | from | 182 |  |  |
| | | from | 182 | | |
Abstract
With increasing attacks of the type of denial of service which is being experienced by many service providers around the world and the diversity of its methods, It was necessary to think of ways to repel this species and trace its source accurately. Among these different approaches emerged two more efficient types, the first type works during an attack to prevent attack packets from penetrating defense systems and to stop or reduce the efficiency of service providers. And the second type shows its performance after the attack and aims to trace and identify the source of attacking packets to provide accurate evidence to take legal proceedings against the attacker later. In this thesis, a hybrid system of the two previously mentioned defense types was proposed with some improvements on each of them. The packet marking system has been modified to ensure that distinct markings are created for each path on the network that cannot be repeated for any other route which is known as the collision problem between marks which ensures accurate filtering that reduces the false positive rejection rate of legitimate packets and the false negative acceptance rate of attacking packets.
Some improvements were also made to the packet logging system which is done by network’s routers and accomplished by assigning 4 bit from the Identification (ID) field in the package header to specify the next router that will record the data of the routed packet, since it is not necessary to record packet’s data in all the routers that it will pass on its way to reach its source. This modification resulted in many features, first is to reduce the storage capacity in the routers required in addition to reducing the time required to determine the source of the attacking packets with high accuracy.