Research Article

Detection and Removal of IP Spoofing through Extended-Inter Domain Packet Filter Architecture

by G. Velmayil, S. Pannirselvam
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 49 - Number 17
Year of Publication: 2012
DOI: 10.5120/7723-1126

G. Velmayil, S. Pannirselvam. Detection and Removal of IP Spoofing through Extended-Inter Domain Packet Filter Architecture. International Journal of Computer Applications. 49, 17 (July 2012), 37-43. DOI=10.5120/7723-1126

@article{ 10.5120/7723-1126,
author = { G. Velmayil and S. Pannirselvam },
title = { Detection and Removal of IP Spoofing through Extended-Inter Domain Packet Filter Architecture },
journal = { International Journal of Computer Applications },
issue_date = { July 2012 },
volume = { 49 },
number = { 17 },
month = { July },
year = { 2012 },
issn = { 0975-8887 },
pages = { 37-43 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume49/number17/7723-1126/ },
doi = { 10.5120/7723-1126 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:46:31.333328+05:30
%A G. Velmayil
%A S. Pannirselvam
%T Detection and Removal of IP Spoofing through Extended-Inter Domain Packet Filter Architecture
%J International Journal of Computer Applications
%@ 0975-8887
%V 49
%N 17
%P 37-43
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

IP spoofing exploits a basic weakness in the Internet Protocol to launch DDoS attacks. Existing methods become ineffective because they require a large number of filters and lack information about where to place them. The existing system also requires global routing information to defend against IP spoofing effectively. We propose Extended Inter Domain Packet Filters (Ex-IDPF) to overcome this problem. The Ex-IDPF comprises two functional blocks: a marking block and a filtering block. In the marking block, each source is labeled with a key. The key is changed continuously over a certain period of time to keep the system secure, and it is validated at border routers. In the filtering block, spoofed packets are filtered at the border router using path history and the feasible route table. This architecture is independent of global routing information, and the Ex-IDPFs are constructed on the basis of Border Gateway Protocol (BGP) route updates. The filter placement algorithm sets out the conditions under which the filter can operate accurately. The accuracy of the proposed system is validated using Network Simulator (NS-2).
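
The two blocks described in the abstract can be sketched as follows. This is an added illustration, not code from the paper: the HMAC-based key rotation, the 60-second epoch, the 8-byte tag, the shared secret between marking and border routers, and all names, AS numbers and prefixes are assumptions, and the paper's path history check is not modelled.

```python
import hashlib
import hmac
import ipaddress

EPOCH_SECONDS = 60  # assumed key lifetime; the abstract gives no figure

def mark(master: bytes, src: str, now: float) -> bytes:
    """Marking block: tag a source address with the key of the current epoch."""
    epoch = int(now // EPOCH_SECONDS).to_bytes(8, "big")
    key = hmac.new(master, epoch, hashlib.sha256).digest()  # assumed rotation
    return hmac.new(key, src.encode(), hashlib.sha256).digest()[:8]

class BorderFilter:
    def __init__(self, master: bytes):
        self.master = master
        self.feasible = {}  # neighbor AS -> prefixes that neighbor announced

    def bgp_update(self, neighbor: int, prefix: str, withdraw: bool = False):
        nets = self.feasible.setdefault(neighbor, set())
        net = ipaddress.ip_network(prefix)
        if withdraw:
            nets.discard(net)
        else:
            nets.add(net)

    def check(self, neighbor: int, src: str, tag: bytes, now: float) -> str:
        addr = ipaddress.ip_address(src)
        if not any(addr in net for net in self.feasible.get(neighbor, ())):
            return "drop:infeasible-route"
        # Accept the previous epoch too, so packets in flight at rotation pass.
        for t in (now, max(now - EPOCH_SECONDS, 0)):
            if hmac.compare_digest(tag, mark(self.master, src, t)):
                return "accept"
        return "drop:bad-mark"


def demo():
    # Constructed scenario: documentation prefix and private-use AS numbers.
    now, secret = 1_000_000.0, b"constructed-shared-secret"
    f = BorderFilter(secret)
    f.bgp_update(64512, "198.51.100.0/24")
    good = mark(secret, "198.51.100.7", now)
    return [
        f.check(64512, "198.51.100.7", good, now),        # genuine packet
        f.check(64513, "198.51.100.7", good, now),        # wrong ingress neighbor
        f.check(64512, "198.51.100.7", b"\0" * 8, now),   # forged mark
        f.check(64512, "198.51.100.7", good, now + 120),  # stale key
    ]
```

Because the feasible table is built only from updates received from direct neighbors, the filter needs no global routing view; a withdrawal immediately makes that neighbor an infeasible ingress for the prefix.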

Index Terms

Computer Science
Information Sciences

Keywords

DDOS, IP spoofing, BGP, IDPF