Corpus ID: 62703797

Mitigating IP Spoofing by Validating BGP Routes Updates

  title={Mitigating IP Spoofing by Validating BGP Routes Updates},
  author={J. Israr and M. Guennoun and H. Mouftah},
  • J. Israr, M. Guennoun, H. Mouftah
  • Published 2009
  • Computer Science
  • Summary IP spoofing remains a popular method to launch Distributed Denial of Service (DDOS) attacks. Several mitigation schemes have been proposed in literature to detect forged source IP addresses. Some of these solutions, like the inter domain packet filter (IDPF), construct filters based on implicit information contained in BGP route updates. The packet filters rely on the fact that BGP updates are valid and reliable. This assumption is unfortunately not true in the context of the Internet… CONTINUE READING
    12 Citations

    Figures and Topics from this paper

    Explore Further: Topics Discussed in This Paper

    Inter-Domain Routing Validator Based Spoofing Defence System
    • Lei Wang, T. Xia, J. Seberry
    • Computer Science
    • 2010 IEEE International Conference on Intelligence and Security Informatics
    • 2010
    • 3
    • PDF
    Enhanced EDoS-Shield for Mitigating EDoS Attacks Originating from Spoofed IP Addresses
    • 54
    A deployable IP spoofing defence system
    • 1
    An approach to stabilize interdomain routing protocol after failure
    • 7
    Detection of Invalid BGP Routes
    • H. Wang, Wanping Hao
    • Computer Science
    • 2010 6th International Conference on Wireless Communications Networking and Mobile Computing (WiCOM)
    • 2010
    • 1
    Amplification and DRDoS Attack Defense - A Survey and New Perspectives
    • 32
    • Highly Influenced
    • PDF
    EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing
    • 128


    Constructing Inter-Domain Packet Filters to Control IP Spoofing Based on BGP Updates
    • 25
    • PDF
    Improving TCP's Robustness to Blind In-Window Attacks
    • 67
    • PDF
    Practical network support for IP traceback
    • 1,072
    • PDF
    On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets
    • 533
    • Highly Influential
    • PDF
    An analysis of using reflectors for distributed denial-of-service attacks
    • 482
    • PDF
    Hash-based IP traceback
    • 405
    • PDF
    Inferring Internet denial-of-service activity
    • 1,440
    • PDF
    Dns cache poisoning-the next generation
    • 69
    • PDF
    A Border Gateway Protocol 4 (BGP-4)
    • 2,799
    • PDF
    ICMP Traceback Messages
    • 638
    • PDF