Recently, one of threats on the increasing network includes DoS(Denial of Service) attacks. A large amount of packets is transmitted to a server that becomes a target of DoS attacks. Therefore, a packet filtering that intercepts the communication of a doubtful packet is researched. We investigate two packet filtering methods. In the history based filtering, it looks for IP addresses that frequently appears at a router. DoS attack traffic is filtered by filtering IP address not observed usually so much. However, the filtering method is weak when the attacker know how to filtering. In the filtering approach that uses the probabilistic packet marking, a communication from an attack path is intercepted and the technique for intercepting the attack is proposed. However, an non-attacker's communication is also intercepted, and there is a problem that the number of packets necessary for the route construction increases according to a superscription of mark information. Then, to solve both problems of the expression, it proposes the probabilistic packet marking with and the filtering approach using the observation of transmission source IP address. The attack path is specified from mark information when an attack starts, and an attack packet is filtered from the record and mark information on an address of the router. It becomes possible to prevent packets being filtered when packets sent by a result and regular those who communicate is marked on the attack path. This technique achieve low false positive of benign traffic.