Three graduate students from CMU have written an interesting paper on a process they call Path Identifier Marking, which would use a voluntary adoption of additional router processing to help track down the true origin of packets on the internet.

The purpose is to allow the identification and nullification of DDOS (Distributed Denial of Service) attacks, those pesky network assaults that use an array of other people's computers to attack a third site.

The proposal is interesting and addresses a number of issues including: partial adoption, legacy router implementations, performance, and how to use the marking data to actually defeat an attack.