Conference Proceedings

International Conference on Advanced Computing, Communication and Networks - CCN 2011

Inter Domain Packet Filters for IP Forging Attacks

Author(s) : P.V.RAVI KANTH, A. RAVI, M.SRINIVASA ROA

Abstract

The Distributed Denial-of-Service (DDoS) attack is a serious threat to the legitimate use of the Internet. Even Prevention mechanisms are attacked by the ability of attackers to forge or spoof the source addresses in IP packets. By employing IP spoofing, attackers can avoid detection and put a substantial burden on the destination network for policing attack packets. In this paper, we propose an Inter Domain Packet Filter (IDPF) architecture that can reduce the level of IP spoofing on the Internet. A key feature of our scheme is that it does not require global routing information. IDPF’s are constructed from the information implicit in Border Gateway Protocol (BGP) route updates and are deployed in network border routers and IDPF’s does not discard packets with valid source addresses. Here we show that, even with partial deployment on the Internet, IDPF’s can proactively limit the spoofing capability of attackers. In addition, they can help localize the origin of an attack packet to a small number of candidate networks.

Conference Title : International Conference on Advanced Computing, Communication and Networks - CCN 2011
Conference Date(s) : June 2-3, 2011
Place : Hotel Aroma, Chandigarh, India
No fo Author(s) : 3
DOI :
Page(s) : 138 - 143
Electronic ISBN :
Views : 677   |   Download(s) : 167