Detection and Removal of IP Spoofing Through Extended-Inter Domain Packet Filter Architecture
@article{Velmayil2012DetectionAR,
title={Detection and Removal of IP Spoofing Through Extended-Inter Domain Packet Filter Architecture},
author={G. Velmayil and Selvakumaran Pannirselvam},
journal={International Journal of Computer Applications},
year={2012},
volume={49},
pages={37-43}
}IP spoofing makes use of the basic weakness in the Internet Protocol to launch the DDOS attack. The existing methods become ineffective due to a large number of filters required and they lack in information about where to place the filter. The existing system requires the global routing information to defend IP spoofing effectively. We propose Extended Inter Domain Packet Filters (Ex-IDPF) to overcome this problem. The Ex-IDPF comprises of two functional blocks namely, marking and filtering…
4 Citations
Defending of IP Spoofing by Ingress Filter in Extended-Inter Domain Packet Key Marking System
- Computer Science
- 2013
This paper proposes Ingress filter in Extended Inter Domain Packet Key marking system, and proposes a filter placement algorithm that clearly put forwards the conditions under which the filter can operate accurately.
An email application with active spoof monitoring and control
- Computer Science2016 International Conference on Computer Communication and Informatics (ICCCI)
- 2016
A web-based client oriented anti-spoofing email application which actively detects, monitors and controls email spoofing attacks, and provides a user-friendly interface which is easily deployable over the web.
Amplification and DRDoS Attack Defense - A Survey and New Perspectives
- Computer ScienceArXiv
- 2015
This work acts as an introduction into amplification attacks and source IP address spoofing and a survey on the state of the art in spoofing defenses is presented.
Improving the Performance of Multi-Hop Wireless Networks by Selective Transmission Power Control
- Business, Computer ScienceJ. Inform. and Commun. Convergence Engineering
- 2015
This paper proposes power control schemes utilizing link quality to identify the set of nodes required to adjust the transmission power in order to improve the network throughput in both homogeneous and heterogeneous multi-hop wireless networks.
References
SHOWING 1-10 OF 25 REFERENCES
Controlling IP Spoofing through Interdomain Packet Filters
- Computer ScienceIEEE Transactions on Dependable and Secure Computing
- 2008
It is shown that, even with partial deployment on the Internet, IDPFs can proactively limit the spoofing capability of attackers and can help localize the origin of an attack packet to a small number of candidate networks.
Spoofing prevention method
- Computer ScienceProceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies.
- 2005
A new approach for filtering spoofed IP packets, called spoofing prevention method (SPM), is proposed. The method enables routers closer to the destination of a packet to verify the authenticity of…
Defense Against Spoofed IP Traffic Using Hop-Count Filtering
- Computer ScienceIEEE/ACM Transactions on Networking
- 2007
A novel filtering technique, called Hop-Count Filtering (HCF), is presented-which builds an accurate IP-to-hop-count (IP2HC) mapping table-to detect and discard spoofed IP packets.
Pi: a path identification mechanism to defend against DDoS attacks
- Computer Science2003 Symposium on Security and Privacy, 2003.
- 2003
Pi (short for path identifier), a new packet marking approach in which a path fingerprint is embedded in each packet, enabling a victim to identify packets traversing the same paths through the Internet on a per packet basis, regardless of source IP address spoofing.
A Practical IP Spoofing Defense Through Route-Based Fltering
- Computer Science
- 2006
This work presents the design and evaluation of the Clouseau system, which together with route-based filtering (RBF) acts as an effective and practical defense against IP spoofing and shows that RBF brings instant benefit to the deploying network.
TTL Based Packet Marking for IP Traceback
- Computer ScienceIEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference
- 2008
This paper proposes a new PPM scheme called TTL-based PPM (TPM) scheme, where each packet is marked with a probability inversely proportional to the distance traversed by the packet so far, and shows how this TPM scheme can effectively trace DDoS attackers even in presence of spoofing when compared to existing schemes.
Collaborative Detection of DDoS Attacks over Multiple Network Domains
- Computer ScienceIEEE Transactions on Parallel and Distributed Systems
- 2007
This paper develops a distributed change-point detection (DCD) architecture using change aggregation trees (CAT), and proves that this DDoS defense system can scale well to cover 84 AS domains, wide enough to safeguard most ISP core networks from real-life DDoS flooding attacks.
Comparative Evaluation of Spoofing Defenses
- Computer ScienceIEEE Transactions on Dependable and Secure Computing
- 2011
This paper formalizes the problem of spoofed traffic filtering and defines novel effectiveness measures, observing each defense as selfish or altruistic and differentiating their performance goals, and defining optimal core deployment points for defenses that need core support.
SOS: an architecture for mitigating DDoS attacks
- Computer ScienceIEEE Journal on Selected Areas in Communications
- 2004
This work evaluates the likelihood that an attacker can successfully launch a DoS attack against an SOS-protected network, and demonstrates that such an architecture reduces the likelihood of a successful attack to minuscule levels.