Detection and Removal of IP Spoofing Through Extended-Inter Domain Packet Filter Architecture

@article{Velmayil2012DetectionAR,
  title={Detection and Removal of IP Spoofing Through Extended-Inter Domain Packet Filter Architecture},
  author={G. Velmayil and Selvakumaran Pannirselvam},
  journal={International Journal of Computer Applications},
  year={2012},
  volume={49},
  pages={37-43}
}
IP spoofing makes use of the basic weakness in the Internet Protocol to launch the DDOS attack. The existing methods become ineffective due to a large number of filters required and they lack in information about where to place the filter. The existing system requires the global routing information to defend IP spoofing effectively. We propose Extended Inter Domain Packet Filters (Ex-IDPF) to overcome this problem. The Ex-IDPF comprises of two functional blocks namely, marking and filtering… 

Figures and Tables from this paper

Defending of IP Spoofing by Ingress Filter in Extended-Inter Domain Packet Key Marking System

This paper proposes Ingress filter in Extended Inter Domain Packet Key marking system, and proposes a filter placement algorithm that clearly put forwards the conditions under which the filter can operate accurately.

An email application with active spoof monitoring and control

  • T. P. FowdurL. Veerasoo
  • Computer Science
    2016 International Conference on Computer Communication and Informatics (ICCCI)
  • 2016
A web-based client oriented anti-spoofing email application which actively detects, monitors and controls email spoofing attacks, and provides a user-friendly interface which is easily deployable over the web.

Amplification and DRDoS Attack Defense - A Survey and New Perspectives

This work acts as an introduction into amplification attacks and source IP address spoofing and a survey on the state of the art in spoofing defenses is presented.

Improving the Performance of Multi-Hop Wireless Networks by Selective Transmission Power Control

This paper proposes power control schemes utilizing link quality to identify the set of nodes required to adjust the transmission power in order to improve the network throughput in both homogeneous and heterogeneous multi-hop wireless networks.

References

SHOWING 1-10 OF 25 REFERENCES

Controlling IP Spoofing through Interdomain Packet Filters

It is shown that, even with partial deployment on the Internet, IDPFs can proactively limit the spoofing capability of attackers and can help localize the origin of an attack packet to a small number of candidate networks.

Spoofing prevention method

  • A. Bremler-BarrH. Levy
  • Computer Science
    Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies.
  • 2005
A new approach for filtering spoofed IP packets, called spoofing prevention method (SPM), is proposed. The method enables routers closer to the destination of a packet to verify the authenticity of

Defending against spoofed DDoS attacks with path fingerprint

Defense Against Spoofed IP Traffic Using Hop-Count Filtering

A novel filtering technique, called Hop-Count Filtering (HCF), is presented-which builds an accurate IP-to-hop-count (IP2HC) mapping table-to detect and discard spoofed IP packets.

Pi: a path identification mechanism to defend against DDoS attacks

Pi (short for path identifier), a new packet marking approach in which a path fingerprint is embedded in each packet, enabling a victim to identify packets traversing the same paths through the Internet on a per packet basis, regardless of source IP address spoofing.

A Practical IP Spoofing Defense Through Route-Based Fltering

This work presents the design and evaluation of the Clouseau system, which together with route-based filtering (RBF) acts as an effective and practical defense against IP spoofing and shows that RBF brings instant benefit to the deploying network.

TTL Based Packet Marking for IP Traceback

This paper proposes a new PPM scheme called TTL-based PPM (TPM) scheme, where each packet is marked with a probability inversely proportional to the distance traversed by the packet so far, and shows how this TPM scheme can effectively trace DDoS attackers even in presence of spoofing when compared to existing schemes.

Collaborative Detection of DDoS Attacks over Multiple Network Domains

This paper develops a distributed change-point detection (DCD) architecture using change aggregation trees (CAT), and proves that this DDoS defense system can scale well to cover 84 AS domains, wide enough to safeguard most ISP core networks from real-life DDoS flooding attacks.

Comparative Evaluation of Spoofing Defenses

This paper formalizes the problem of spoofed traffic filtering and defines novel effectiveness measures, observing each defense as selfish or altruistic and differentiating their performance goals, and defining optimal core deployment points for defenses that need core support.

SOS: an architecture for mitigating DDoS attacks

This work evaluates the likelihood that an attacker can successfully launch a DoS attack against an SOS-protected network, and demonstrates that such an architecture reduces the likelihood of a successful attack to minuscule levels.