The Journal of China

Universities of Posts and

Telecommunications
September 2008, 15(3): 5158
www.buptjournal.cn/xben

Packet track and traceback mechanism against denial of service attacks

LI Li, SHEN Su-bin

Institute of Information Network Technology, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

Abstract

The denial of service attack is a main type of threat on the Internet today. On the basis of path identification (Pi) and Internet
control message protocol (ICMP) traceback (iTrace) methods, a packet track and traceback mechanism is proposed, which
features rapid response and high accuracy. In this scheme, routers apply packet marking scheme and send traceback messages,
which enables the victim to design the path tree in peace time. During attack times the victim can trace attackers back within the
path tree and perform rapid packet filtering using the marking in each packet. Traceback messages overcome Pis limitation,
wherein too much path information is lost in path identifiers; whereas path identifiers can be used to expedite the design of the
path-tree, which reduces the high overhead in iTrace. Therefore, our scheme not only synthesizes the advantages but also
compromises the disadvantages of the above two methods. Simulation results with NS-2 show the validity of our scheme.

Keywords denial of service (DoS) attack, traceback, packet marking, Pi

1 Introduction of paths would cripple the performance of this technique. For

The DoS attack is a main threat to the Internet. In
flooding-style DoS attacks, the attacker sends large amount of
packets to a single victim, exhausting the victims
communication or computing resources in a short time. Even
worse, the attacker often hides his true identity with various
means such as spoofing, which complicates the attack. As a
variation of DoS attack, the distributed denial of service
(DDoS) attack is more destructive, in which multiple
compromised machines send large numbers of packets to the
victim. For example, in February 2000, several high-profit
sites including Yahoo, eBay, and Amazon were brought down
for hours by DDoS attacks, wherein they were flooded by tens
of thousands of legal connections which made servers
inaccessible [1].
Many researchers have studied countermeasures. A
common solution is the IP traceback technique, whose
principle is to redesign the path that the packets take from the
attacker through the Internet to the victim. With knowledge of
attack paths, defenders can take measures upstream from the
victim, e.g., filter attack packets before they reach the victim.
Some nice analysis of IP traceback technique can be found in
Refs. [2, 3]. In DDoS attacks, the number of attack paths is
far beyond that in DoS attacks, where redesigning thousands
Received date: 08-09-2007
Corresponding author: LI Li, E-mail: lli@njupt.edu.cn
example, the experiment results in Ref. [4] show that fragment
marking scheme (FMS) proposed by Savage et al. has a very
high computation overhead for the victim to redesign the
attack paths and gives a large number of false positives when
the attack originates from multiple attackers. Therefore, IP
traceback is not that practical in DDoS attacks. Yaar et al. [5]
argued that redesigning the exact path is not that necessary in
defending against a DDoS attack. They proposed Pi
mechanism, in which each packet takes an identifier as an
indication of the particular path that the packet takes, making
it possible to isolate and discard packets from different paths.
This scheme has many benefits compared with IP traceback.
IP traceback technique can maintain high accuracy at the price
of complexity, time or large-scale deployment. For example,
probabilistic packet marking (PPM) scheme [6] needs to
collect large numbers of packets before it is able to redesign
the path; the device logging method [7] demands close
cooperation among routers. In contrast, Pi is light-weight
because it imposes slight computation and storage overhead
on routers and the victim, it is simple and feasible in
deployment because it does not require any cooperation
between routers, and it is rapid in responsiveness because the
decision can be made on a single-packet basis. However, there
are still several disadvantages in the current design that limit
its use. One is that the path identifier can not be guaranteed to
be globally unique; there are collisions among identifiers of
52 The Journal of China Universities of Posts and Telecommunications
different paths which could reduce the accuracy. The other
one is that path identifiers provide little information besides
the indication to distinguish different paths, which confines its
application range. We observe that there is no single approach
that can defend against (D) DoS attacks effectively by itself;
there should be a combination among various schemes with
different merits.
Pi is a tracking technique in nature, which is powerful in
mitigating the impact of DoS attacks but unable to locate the
origin of the attack, which is the motivation of IP traceback
technique. In this article, we explore how to incorporate Pi
with the IP traceback techniqueiTrace [8], with the objective
to integrate their merits and compromise their weaknesses.
We propose a packet track and traceback (PTT) mechanism.
The process is that: routers apply Pis marking scheme to
mark passing packets, and they also send ICMP traceback
messages, which is designed in iTrace method. In peace time,
the destination host collects path identifiers carried in packets
and traceback messages sent by routers to design a path-tree
that reflects the network topology with itself as the center. In
the times when there is an attack, besides filtering attack
packets at home, the victim can traceback to their origins
within the path-tree and take measures to filter packets
upstream.
In our scheme, ICMP traceback messages provide detailed
path information, allowing destinations to map path
identifiers into full paths, which enables traceback operations.
Designing the path-tree to store path information is effective
and allows traceback operations to be carried out locally
instead of going through the network. Furthermore, unlike the
schemes, such as iTrace, which are only invoked during times
under attack, the path-tree in our scheme is designed in peace
time, which is insensitive to convergence time. Performing
traceback locally is more efficient than performing it all over
the network. Moreover, stresses that holding topology information
is helpful in defending against DDoS attack [4]. The path-tree
could be regarded as a pre-generated map of network
topology and also reflects the communication pattern of the
host to some extent. In a DDoS attack, in order to develop
rapidly responsive packet filters to protect it, the victim can
drop packets that are not originated within the path-tree. In
this way, some normal traffic could be retained before
attackers are located or upstream nodes take measures for it.
Some concepts used in packet track and traceback
mechanism such as marking-bit-pattern and path-tree are
defined as follows:
Definition 1 Marking-bit-pattern. Divide the marking field
in the packet into some number, n, of smaller nonoverlapping
fragments, where each fragment is a marking-bit-pattern as
shown in Fig. 1. If the total length of the marking field is
m b, then the length of a marking-bit-pattern is m/n b. Upon
2008
forwarding a packet, the router creates a marking and inserts
it into one marking-bit-pattern. At the destination, the value of
the marking field is taken as the path identifier.
Fig. 1 Relation of path identifier and marking-bit-pattern
Definition 2 Path-tree. It is a tree structure as seen in
Fig. 2, with D as the root, Sxs as leaves, and Rys as internal
nodes. D could either be a single host or a device representing
many hosts. Nodes Rys represent the routers and leaves Sxs
represent the origins of packets destined to the root. A leaf Sx
could either be a single host or a bunch of hosts under the
same router. A path from Sx is the ordered list of routers
between Sx and D that the packets have traversed, for example,
the path from S1 to D is <R6, R3, R1>.
Fig. 2 An example of the path tree
The rest of this article is structured in the following way. In
the next section we analyze Pis packet marking scheme.
Section 3 outlines our scheme and characterizes the
algorithms for implementing it. In Sect. 4 we present the
simulation experiments showing the schemes validity under a
DoS attack and conclude the article in Sect. 5.
2 Analysis of Pis packet marking algorithm
In Pis marking scheme, the 16-bit IP identification field is
used to hold the marking, which is the same as in our scheme.
In Pi, for each passing packet, the router uses the TTL value
as the index to insert the marking into the IP identification
field. The marking is computed by the router using a Hash
function whose input is the IP address of the last-hop router in
the path and its own IP address. Clearly, the packet marking is
deterministicall packets traversing the same path carry the
same marking. But it can not guarantee that the path identifier
is globally unique, that is to say, different paths may have the
same identifier, because each router only has local knowledge
of a particular path and the space of the marking field is
limited. The collision problem of path identifiers may lead to
some problems in defending against (D) DoS attacks. Among
Issue 3 LI Li, et al. / Packet track and traceback mechanism against denial of service attacks
these, packets outside the attack paths may be filtered and the
probability would rise because the number of attack paths
increases.
To have an indepth view of Pis marking scheme,
particularly the collision problem, we design two marking
schemes and perform two sets of experiments. In the
experiments, the Internet is modeled as a complete-binary tree
referred to Ref. [5], rooted at the destination host. We assign a
value to each node in the tree that can be used as the marking.
The path identifier is 16 b and the marking-bit-pattern is one bit,
so the identifier could hold markings of 16 routers at most.
The ith node in a path inserts its marking into the jth
marking-bit-pattern, where j equals i mod 16. The two
marking schemes are depicted as follows:
Marking scheme 1 Set the value of node i as i mod 2,
then it is uniformly distributed. Each node takes its own value
as the marking. In this scheme, collisions might be induced in
two cases. One of the paths is that with different length,
which might be contained by one another, for instance, <R3,
R2, R1> and <R2, R1> is such a case; the other one is that
nodes close to the victim might overwrite the markings of
nodes farther away because of the limited space in the
marking field.
Marking scheme 2 Set a random value to each node,
(a) Number of path (hops<16) in Marking scheme 1 case
(c) Number of path (hops<16) in Marking scheme 2 case
Fig. 3 Distribution of collision rates
53
then it is randomly distributed. Each node takes the value of
its child from which the packet comes as the marking. We
take it as an idealization of Pis edge marking scheme.
In each set of the experiments, we randomly select a given
number of unrepeating nodes to send packets to the root, then
compute their path identifiers and calculate the collision rate.
We count collisions in two ways. One is the same with Pi: if
two identifiers are the same, we count it as one collision. In
the other way we take path lengths into account, where path
length is the number of nodes that the packet has traversed. If
two identifiers as well as their path lengths are the same, we
count it as one collision. The collision rate equals the number
of collisions divided by the total number of paths. We conduct
each set of the experiments in two sizes of networks and take
the hops of the longest path in the network as the
measurement of the size of the network. One is within 16
hops and the other is within 20 hops. The upper boundary of
the number of the selected paths is 10 000 and 50 000 for
each size of networks. Figures 3 and 4 show the results of the
experiments. For most of the data points in the figure, we
perform approximately 10 to 50 independent tests and
compute the average of the results. In Figs. 3 and 4, c1
denotes same identifier counts as a collision, c2 denotes same
identifier and same path length counts as a collision.
(b) Number of path (hops<20) in Marking scheme 1 case
(d) Number of path (hops<20) in Marking scheme 2 case
54 The Journal of China Universities of Posts and Telecommunications 2008

(a) Number of path (hops<16) (b) Number of path (hops<20)

Fig. 4 Traverse comparison of the two marking schemes

From the distribution of the collision rate shown in Figs. 3 path-tree designing component and antiDoS component. As
and 4, we come to the conclusions as follows: shown in Fig. 5, packet marking components deployed at
1) As shown in Figs. 3(a) and 3(b), the collision rate reduces routers mark passing packets and send traceback messages.
effectively if path lengths are considered, but it is not the case Path-tree designing components deployed at hosts design
in Marking scheme 2 (Figs. 3(c) and (d)). If no overwriting path-trees using received path identifiers and traceback
happens in Marking scheme 1(Fig. 3(a)), the collision rate messages. AntiDoS components deployed at hosts and routers
falls to zero, a perfect result. perform traceback and packet filtering operations. In the
2) In both marking schemes, the collision rate keeps going remainder of this section we describe the marking algorithm
up as the number of the selected paths increases. In Pi scheme, and path-tree design algorithm and the method of defending
the authors selected no more than 10 000 paths for testing and against DoS attacks in more detail.
obtained fine results. We can also learn that in Fig. 3(c), the
collision rate is less than 20% when paths are less than 10 000.
When paths increase to 50 000, the collision rate jumps to
50%, making it difficult to distinguish different paths. In a
DDoS attack, it is not impossible to have tens of thousands of
attack paths.
3) As shown in Fig. 4, the collision rate in Marking scheme 1
is always lower than that in Marking scheme 2.
4) Considering the two marking schemes, the first one is an
Fig. 5 Framework of packet track and traceback mechanism
idealization because all the links to a node are distinguishable
on their own; the second one is similar to Pis marking
3.2 Packet marking algorithm
scheme and idealizes it in some aspects, for example,
randomly distributed markings is the ideal result of hash
It is obvious that the measures taken in Pis marking
function in Pi.
scheme such as hashing and edge marking is to increase the
In brief, Pis marking scheme behaves well with moderate
markings entropy and self distinguishability. We also can
paths but not in large scale DDoS attacks. If the node could
learn from experiments in Sect. 2 that if the links connected to
assign distinguishable markings to the links connected to it,
a node can be distinguished on the marking, the collision rate
then the collision rate will be cut down effectively. Assume
is the lowest among all the cases. In our scheme, instead of
that a node has l links, it needs log2l b to distinguish each link,
computing markings using Hash functions, the router tries the
which is not practical because of the limited space in the
best to assign a different marking for each link connected to it.
marking field. We can come to the conclusion that it is not easy
It can not be guaranteed that each link could get a different
to get low collision rate through improving the marking scheme.
value. For an n b marking, there are at most 2n values to
assign, and the number of links may be more than it.
3 Packet track and traceback mechanism
Forwarding a packet, the router takes the value assigned to
the link, where the packet is coming as the marking and
3.1 The framework
inserts it into the marking field. Following is the pseudo C
The framework of packet track and traceback mechanism is code for the marking algorithm:
comprised of three components: packet marking component, /* ptmark = marking carried in the packet
Issue 3 LI Li, et al. / Packet track and traceback mechanism against denial of service attacks
M_BIT = number of bits each router marks
mark_bit[l] = marking assigned to link l */
mark(ptmark) {
/* select the link from which the packet came */
prehop = Get_prehop();
/* insert the marking*/
ptmark = mark_bit[prehop]||(ptmark<<M_BIT);
} struct path-tree *prev, *next;
We can learn that the shift operation << makes sure that
the current marking is always on the first marking-bit-pattern
from right, and the first marking-bit-pattern from left is
always the one to be dropped. Unlike the Pi scheme that uses
the TTL value in the packet as an index, in our scheme, the
markings are arranged in order from right to left. Therefore,
we are able to compute sub-path identifiers because it is easy
to locate each routers marking. Same to the Pi scheme, there
is collision problem in our scheme, but we do not depend on
path identifiers wholly to defend against DoS attacks. With
the path-tree discussed in next subsection, the victim can map
the path identifier into several possible paths and make further
distinction with detailed path information.
3.3 Path-tree designing algorithm
Collisions happen among path identifiers mainly because
the path information is overly compressed. For the destination
to get more path information, we introduce ICMP traceback
message designed in iTrace method into our scheme. ICMP
traceback message is a router-generated message containing
an authenticated copy of a packet and routers own IP address
as well as the IP of the previous and next hop routers. In iTrace
scheme, the router probabilistically generates an ICMP
traceback message for the passing packet and forwards it
either to the source or destination address. The destination or
source collects traceback messages and redesigns the packets
traversing path. We observe that there may have relations
among different paths such as inclusion and convergence. For
example, one path may be completely contained by another
path; two paths may convergence at one node. In our scheme,
we consider using path-tree to store path information. The
structure of path-tree is defined in Sect. 1, which is an
intuitive way of representing relations among different paths.
At the very beginning, the path-tree only has the root, then the
destination redesigns a new path and inserts it into the current
path-tree. There are three cases as follows:
Case 1 If the new path is contained by an existing path,
then no change should be made in the current path-tree.
Case 2 If the new path joins an existing path at one node,
then we add a sub-path to this node. The sub-path is from the
source of the new path to the joint node.
Case 3 If it is not the above two cases, we add the new
55
path directly to the root.
Following shows the path-tree design algorithm provided in
pseudo C code.
/* root = a pointer pointed to path-trees root
path[n] = new path, an array of nodes, path[0] is the
router closest to the destination */
struct path-tree {
NODE node;
};
path-tree_formation (path[K], root)
{
for(int k = 0; k < K; k++) {
if (width_first_search (path[k], k)==NULL) {
if (k==0)
append path to root;
else {
subpath = get_subpath (path, k);
append subpath to node path[k];
}// if(k==0)
break;
}//if (width
}//for
}
The width_first_search function performs a breadth-first
search at the appointed layer in the tree. The get_subpath
function returns the sub-path from the source to the pointed
node. The path-tree could be seen as a pre-generated map of
Internet topology with the destination as the center. Similar to
iTrace method, traceback messages might incur significant
overhead on network routers and cripple network performance
sharply, so it must be generated with low probability, with the
suggested value in iTrace as 1 2 000 [8]. Presumably,
reducing the probability requires more packets to redesign the
path, which amounts to more convergence time. In our
scheme, the path-tree is designed in peace time, insensitive to
convergence time. In next subsection, we discuss how to use
path identifier and path-tree to defend against DoS attacks.
3.4 Defending against DoS attacks
There are generally three lines to defend against the DoS
attack [9]: attack prevention and pre-emption, attack detection
and filtering, and attack source traceback and identification.
Our scheme mainly focuses on the third line of defense and is
helpful to attack detection and filtering.
When a DoS attack is detected, the victim extracts the path
identifier from the attack packet. The traceback process is as
follows:
1) Search the path identifier within the path-tree. If a
matching node is found, the process is ended. If theres no
56 The Journal of China Universities of Posts and Telecommunications
matching node, go to the next step.
2) Drop the first marking-bit-pattern in the path identifier
from left, so we get a shorter path identifier, which indicates a
sub-path. If the length of the new identifier is not zero, go to
step one.
This process will be ended either because a matching node
is found or because the length of the path identifier decreases
to zero. If a matching node is found, the path from the node to
the root is the attack path within the path-tree. If this is not the
case, it shows that the attack path is not in the current
path-tree. The victim can collect traceback packets and
redesign the path in real time, in the same process as that
described in iTrace method. In brief, the traceback operation
is firstly carried out locally and then goes through the network
if it is necessary. In this way, the efficiency improves.
Following shows the traceback algorithm provided in pseudo
C code. The traceback process is opposite to the path-tree
designing process. It extracts a path from the path-tree using a
path identifier.
/*attack_Pi = the path identifier extracted from attack packet;
Path = the attack path found in path-tree */
path traceback(attack_Pi)
{ and use path identifiers and ICMP traceback messages to
Pi = attack_Pi;
node = null;
/* search for possible attacking node inside the path-tree*/
while((node == null) && (Pi.length != 0) ) {
node = search_path-tree(Pi); //search for matching node
Pi_trim(Pi); //get a sub-path identifier
}
if(node != null) //extract the attacking path
return(extract_path(node));
else /*collect traceback messages and redesign the path in
real time.*/
return(iTrace());
} phase, nodes 10, 13, and 15 are selected as legitimate users to
Attack source traceback is usually regarded as an
after-the-fact response to a DoS attack, which is not a feasible
one to stop an on-going attack [9]. In a DoS attack, when an
attack packet is detected, the victim can do rapid packet
filtering relying on the attack path identifier. Even if the
attack packets use spoofed IP addresses, their path identifiers
are still the same. Packet filtering enables rapid response to
the attack, and traceback can discourage the attacker.
In a DDoS attack, it is hard to distinguish attack packets
from normal packets, and their paths are mixed together. We
argue that it is important for the victim to protect itself from
the attack before more effective measures could be taken.
Considering that the path-tree reflects the victims
communication pattern to some extent, we can give packets
sourced inside the path-tree high priority. As a result, part of
2008
the normal traffic could be preserved. It can be regarded as an
auxiliary measure in eliminating the DDoS attack.
4 Simulation and results
In this section, we present a simulation of the proposed
scheme. All of the algorithms in the scheme have been
implemented in NS-2. We first present the DoS attack model
and then depict the design of the experiments. Finally, we
present the results of our experiments.
4.1 DoS attack model
In order for a victim to protect it against attack packets, it
must have a way to detect and identify the attack packet.
Once the attack packet is identified, we can filter packets with
the same path identifier and perform traceback within the
path-tree. Attack packet identification is outside the scope of
this article. However, to incorporate the use of our scheme,
we model our DoS attack in two phases, similar to the attack
model used in Pis experiments [5]. In the first phase, the
learning phase, the victim analyzes all the packets sent to it,
redesign the path-tree. In the second phase, the attack phase,
the victim is assumed to have the power to determine whether
a packet is an attack packet or a legitimate packet. In this
phase, the victim stops redesigning the path-tree, and is forced
to use path identifiers and the path-tree to perform packet
filtering and traceback.
4.2 Experiment design
We designed two sets of experiments. The first set of
experiments is a simple demo of our scheme, showing how it
works. The network topology is shown in Fig. 6. In learning
send packets to the victim. In attack phase, nodes 6, 10, and
16 are selected as attackers to send packets to the victim.
Then we show the path-tree designed by the victim and the
traceback results.
(a) Learning phase (b) Attack phase
Fig. 6 Path-tree and attackers
Issue 3 LI Li, et al. / Packet track and traceback mechanism against denial of service attacks 57

In the second set of experiments, the network topology is

structured as a 20-layer binary tree. In each phase, a certain
number of different paths are chosen at random, and each end
node at a path sends packets to the victim. We change the
number of the selected paths in each phase, and calculate the
rate of the number of attack packets traced back successfully
within the path tree. A successful traceback over here means
the victim can trace the packet back to its source.
For all the experiments, the ICMP traceback message
generating probability is set to be 1. With a lower probability,
the victim requires more packets to redesign the path. The (a) The number of attack paths is fixed
probability only influence the convergence time in path
redesigning, which is not the focus of this set of experiments.
This setting can largely reduce the time and space needed for
the simulation. For example, each end node at a path could
only send one packet to the victim.

4.3 Results

Figures 6 and 7 shows the results of the first set of

experiments. Figure 6(a) shows the path tree designed in
learning phase. Nodes with double circles and links with
labels form the path-tree. In Fig. 6(b), nodes with squares are
attackers. We can see that two of them are within the path-tree.
Figure 7 is the outcome of the traceback operation. For
attacker 6 and 10, the victim traced them back to the source;
for attacker 16, it only traced to node 7, which is the closest to
the source within the path-tree.
Fig. 7 Traceback results
Figure 8 shows the results of the second set of experiments.
It does not mark on the exact range of rate. Because in the
second set of experiments we did not simulate with real
Internet data such as the topology, and paths are selected at
random each time. Each rate has no meaning by itself, but
they together show a kind of tendency. In Fig. 8(a), the
number of attack paths is fixed. When the number of learning
paths increases, the rate of successful traceback goes up. This
result coincides with our intuition. In Fig. 8(b), the number of
attack paths increases as well as the learning paths. The rate
of successful traceback goes up when the number of paths
increases. With a fixed ICMP traceback message generating
probability, having more learning paths means a longer
learning phase. And we can conclude that a longer learning
phase may improve the probability of successful traceback.
(b) The number of attack paths increases with the learning paths
Fig. 8 Rate of successful traceback
5 Conclusions
Defending against (D) DoS attacks is one of the hardest
security problems on the Internet today. We propose an
approach to deal with this problem in a combined way. In our
approach, we apply Pis packet marking scheme in
conjunction with ICMP traceback message in iTrace method,
which allows the victim to design the path-tree in peace time,
and quickly find the attacker during times of attack. The
simple simulation carried out shows that our scheme is
effective in defending against DoS attacks. Furthermore, work
is needed at a larger scale and in real network environment to
validate our approach.
Acknowledgements
This work is supported by the National Natural Science Foundation
of China (60273091), Blue Project in Nanjing University of Posts
and Telecommunications (NY207118).
References
1. Computer Emergency Response Team. Cert advisory ca-2000-01:
denial-of-service developments. [2007-02-01]. http://www.cert.org/advisories/
CA-2000-01.html
2. Belenky A, Ansari N. On IP traceback. IEEE Communications Magazine,
2003, 41(7): 142153
3. Savage S, Wetherall D, Karlin A, et al. Practical network support for IP
58 The Journal of China Universities of Posts and Telecommunications
traceback. Computer Communication Review, 2000, 30(4): 295306
4. Dawn X S, Perrig A. Advanced and authenticated marking schemes for IP
traceback. Proceedings of the 20th Annual Joint Conference of the IEEE
Computer and Communications Societies, Apr 2226 2001, Anchorage,
AK, USA. Piscataway, NJ, USA: IEEE, 2001: 878886
5. Yaar A, Perriq A, Sonq D. Pi: a path identification mechanism to defend
against DDoS attacks. Proceedings of Symposium on Security and
Privacy, May 1114, 2003, Berkeley, CA, USA. Piscataway, NJ, USA:
IEEE. 2003: 93107
6. Park K, Lee H. On the effectiveness of probabilistic packet marking for
IP traceback under denial of service attack. Proceedings of the 20th
Annual Joint Conference of the IEEE Computer and Communications
From p. 50
remaining curves in them either drop or stay along with the
increase of nodes, since more nodes indicates more choices.
Figure 7 compares the power offset that each transmission
suffers for SN and RN from the average power of surrounding
nodes. The definition of offset is
Pcurrent  Pto_be_used
Ioffset (15)
Paverage
Fig. 7 The power offset for SN and RN under different
partner selection strategies with the increasing nodes
The total offset equals Ioffset_S  Ioffset_R , which is the
summation of the source and the relay offsets. We can see that
for all four strategies, the power offset increases when the
nodes increase, while the MSNR strategy remains the highest,
and the MAPU strategy has more plane trends than the others,
which adequately fulfill its original intention.
5 Conclusions
In this study, we consider partner selection strategies for
cooperative wireless communications. Our solitary goal is to
determine the best way to balance the power distribution and
2008
Societies, Apr 2226, 2001, Anchorage, AK, USA. Piscataway, NJ, USA:
IEEE, 2001: 3383347
7. Tchakountio F, Kent S T, Strayer W T. Hash-based IP traceback.
Proceedings of Conference on Applications, Technologies, Architectures,
and Protocol for Computer Communication (SIGCOMM01), Aug 2731,
2001. San Diego, CA, USA. New York, NY, USA: ACM, 2001: 314
8. Bellovin S, Leech M, Taylor T. Internet draft. ICMP traceback messages.
[2007-02-01]. http://tools.ietf.org/html/draft-ietf-itrace-04
9. Chang R K C. Defending against flooding-based distributed
denial-of-service attacks: a tutorial. IEEE Communications Magazine,
2002, 40(10): 4251
transmission performance. Three different partner selection
strategies are proposed, and as the simulation results show, all
are supposed to be good tradeoffs between power consumption
and transmission performance with different goals.
Acknowledgements
This work is supported by the Hi-Tech Research and Development
Program of China (2006AA01Z257).
References
1. Mischa D. Virtual antenna arrays. London, UK: Kings College London,
2003
2. Wang Q H, Zhao B H. Protocol for the application of cooperative MIMO
based on clustering in sparse wireless sensor networks. Journal of China
Universities of Posts and Telecommunications, 2007, 14(2): 5157
3. Aria N, Todd E H. Grouping and partner selection in cooperative wireless
networks. IEEE Journal on Selected Areas in Communications, 2007,
25(2): 369378
4. Ramesh A, Pamela C C, Laurence B M. Statistical channel
knowledge-based optimum power allocation for Relaying protocols in the
high SNR regime. IEEE Journal on Selected Areas in Communications,
2007, 25(2): 292305
5. Goodman D J, Mandayam N B. Power control for wireless data. IEEE
Personal Communications, 2000, 7(2): 4854
6. Chen Y, Cheng P, Qiu P L, et al. Optimal partner selection strategies in
wireless cooperative networks with fixed and variable transmit power.
Proceedings of Wireless Communications and Networking Conference,
(WCNC2007): Mar 1115, 2007, Kowloon, China. New York, NY, USA:
IEEE, 2007: 40804084
7. Laneman J N, Tse D N C, Wornell G W. Cooperative diversity in
wireless networks: efficient protocols and outage behavior. IEEE
Transactions on Information Theory, 2004, 50(12): 30623080
8. Todd E H, Aria N. Diversity through coded cooperation. IEEE
Transactions on Wireless Communications, 2006, 5(2): 283289