Controlling IP Spoofing Through Inter-Domain Packet Filters
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
seminar surveyer
Active In SP

Posts: 3,541
Joined: Sep 2010
22-12-2010, 10:30 AM

Prepared by:
Zhenhai Duan, Member, IEEE, Xin Yuan, Member, IEEE, and Jaideep Chandrashekar, Member, IEEE

The Distributed Denial of Services (DDoS) attack is a serious threat to the legitimate use of the Internet. Prevention mechanisms are thwarted by the ability of attackers to forge, or spoof, the source addresses in IP packets. By employing IP spoo_ng, attackers can evade detection and put a substantial burden on the destination network for policing attack packets. In this paper, we propose an inter-domain packet _lter (IDPF) architecture that can mitigate the level of IP spoo_ng on the Internet. A key feature of our scheme is that it does not require global routing information. IDPFs are constructed from the information implicit in BGP route updates and are deployed in network border routers. We establish the conditions under which the IDPF framework works correctly in that it does not discard packets with valid source addresses. Based on extensive simulation studies, we show that even with partial deployment on the Internet, IDPFs can proactively limit the spoo_ng capability of attackers. In addition, they can help localize the origin of an attack packet to a small number of candidate networks.

Distributed Denial of Service (DDoS) attacks pose an increasingly grave threat to the Internet, as evidenced by recent DDoS attacks mounted on both popular Internet sites and the Internet infrastructure . Alarmingly, DDoS attacks are observed on a daily basis on most of the large backbone networks. One of the factors that complicate the mechanisms for policing such attacks is IP spoo_ng, the act of forging the source addresses in IP packets. By masquerading as a different host, an attacker can hide its true identity and location, rendering source-based packet _ltering less effective. It has been shown that a large part of the Internet is vulnerable to IP spoofing .
Recently, attackers are increasingly staging attacks via botnets. In this case, since the attacks are carried out through intermediaries, i.e., the compromised .bots., attackers may not utilize the technique of IP spoo_ng to hide their true identities. It is tempting to believe that the use of IP spoo_ng is less of a factor. However, recent studies show that IP spoo_ng is still a common phenomenon: it is used in many attacks, including the high-pro_le DDoS attacks on root DNS servers in early February 2006 . In response to this event, the ICANN security and stability advisory committee made three recommendations . The _rst and long-term recommendation is to adopt source IP address veri_cation, which con_rms the importance of the IP spoo_ng problem. IP spoo_ng will remain popular for a number of reasons. First, IP spoo_ng makes it harder to isolate attack traf_c from legitimate traf_c.packets with spoofed source addresses may appear to be from all around the Internet. Second, it presents the attacker with an easy way to insert a level of indirection. As a consequence, substantial effort is required to localize the source of the attack traf_c . Finally, many popular attacks, such as man-in-the-middle attacks , , re_ectorbased attacks , and TCP SYN _ood attacks , use IP spoo_ng and require the ability to forge source addresses.

seminar paper
Active In SP

Posts: 6,455
Joined: Feb 2012
29-02-2012, 12:51 PM

to get information about the topic controlling ip spoofing through inter domain packet filters full report ppt and related topic refer the link bellow





Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  web spoofing full report computer science technology 13 9,012 20-05-2016, 11:59 AM
Last Post: Dhanabhagya
Last Post: Guest
  ip spoofing seminar report pdf jaseelati 0 221 18-12-2014, 02:17 PM
Last Post: jaseelati
  General Packet Radio Service (Download Full Seminar Report) Computer Science Clay 17 11,708 21-03-2014, 05:30 AM
Last Post: MichaelKa
  Test case Reduction-An Experimental Analysis through Coverage Techniques seminar addict 1 705 18-03-2014, 02:37 PM
Last Post: Guest
  Optical Packet Buffers for Backbone Internet Routers pdf seminar projects maker 0 422 28-09-2013, 02:48 PM
Last Post: seminar projects maker
  Controlling Remote Desktop pdf seminar projects maker 0 242 26-09-2013, 01:03 PM
Last Post: seminar projects maker
  Continuous online extraction of HTTP traces from packet traces pdf seminar projects maker 0 329 23-09-2013, 04:30 PM
Last Post: seminar projects maker
  ALGORITHMS FOR ROUTING LOOKUPS AND PACKET CLASSIFICATION pdf seminar projects maker 0 352 11-09-2013, 12:23 PM
Last Post: seminar projects maker
  INTER VEHICLE COMMUNICATION PPT study tips 2 1,004 28-08-2013, 09:17 AM
Last Post: study tips