Controlling IP Spoofing Through Inter-Domain Packet Filters
#1

Prepared by:
Zhenhai Duan, Member, IEEE, Xin Yuan, Member, IEEE, and Jaideep Chandrashekar, Member, IEEE

ABSTRACT
The Distributed Denial of Services (DDoS) attack is a serious threat to the legitimate use of the Internet. Prevention mechanisms are thwarted by the ability of attackers to forge, or spoof, the source addresses in IP packets. By employing IP spoo_ng, attackers can evade detection and put a substantial burden on the destination network for policing attack packets. In this paper, we propose an inter-domain packet _lter (IDPF) architecture that can mitigate the level of IP spoo_ng on the Internet. A key feature of our scheme is that it does not require global routing information. IDPFs are constructed from the information implicit in BGP route updates and are deployed in network border routers. We establish the conditions under which the IDPF framework works correctly in that it does not discard packets with valid source addresses. Based on extensive simulation studies, we show that even with partial deployment on the Internet, IDPFs can proactively limit the spoo_ng capability of attackers. In addition, they can help localize the origin of an attack packet to a small number of candidate networks.


INTRODUCTION
Distributed Denial of Service (DDoS) attacks pose an increasingly grave threat to the Internet, as evidenced by recent DDoS attacks mounted on both popular Internet sites and the Internet infrastructure . Alarmingly, DDoS attacks are observed on a daily basis on most of the large backbone networks. One of the factors that complicate the mechanisms for policing such attacks is IP spoo_ng, the act of forging the source addresses in IP packets. By masquerading as a different host, an attacker can hide its true identity and location, rendering source-based packet _ltering less effective. It has been shown that a large part of the Internet is vulnerable to IP spoofing .
Recently, attackers are increasingly staging attacks via botnets. In this case, since the attacks are carried out through intermediaries, i.e., the compromised .bots., attackers may not utilize the technique of IP spoo_ng to hide their true identities. It is tempting to believe that the use of IP spoo_ng is less of a factor. However, recent studies show that IP spoo_ng is still a common phenomenon: it is used in many attacks, including the high-pro_le DDoS attacks on root DNS servers in early February 2006 . In response to this event, the ICANN security and stability advisory committee made three recommendations . The _rst and long-term recommendation is to adopt source IP address veri_cation, which con_rms the importance of the IP spoo_ng problem. IP spoo_ng will remain popular for a number of reasons. First, IP spoo_ng makes it harder to isolate attack traf_c from legitimate traf_c.packets with spoofed source addresses may appear to be from all around the Internet. Second, it presents the attacker with an easy way to insert a level of indirection. As a consequence, substantial effort is required to localize the source of the attack traf_c . Finally, many popular attacks, such as man-in-the-middle attacks , , re_ectorbased attacks , and TCP SYN _ood attacks , use IP spoo_ng and require the ability to forge source addresses.

Reference:
http://docs.googleviewer?a=v&q=cache:Z31...c08zYU44PA
Reply
#2

to get information about the topic controlling ip spoofing through inter domain packet filters full report ppt and related topic refer the page link bellow
http://studentbank.in/report-controlling...ers--16299

http://studentbank.in/report-controlling...2#pid69162

http://studentbank.in/report-controlling...?pid=47413

http://studentbank.in/report-controlling...ode=linear

Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: which security model is used to constructing inter domain packet filters to control ip spoofing with bgp updates, controlling ip spoofing through inter domain ppt, spoofing domain name, controlling ip spoofing through inter domain, controlling ip spoofing through inter domain packet filters controlling ip spoofing through inter domain packet filters, inter domain packet filter report, pdf controlling ip spoofing through inter domain packet filters coding free download,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  web spoofing full report computer science technology 9 10,970 26-03-2014, 06:29 AM
Last Post: Guest
  General Packet Radio Service (Download Full Seminar Report) Computer Science Clay 10 15,731 22-03-2014, 12:46 PM
Last Post: MichaelPn
Thumbs Down High Speed OFDM Packet Access (HSOPA) computer science crazy 2 10,417 08-12-2012, 02:44 PM
Last Post: seminar details
  High-Speed Downlink Packet Access (HSDPA) shibin.sree 1 9,157 08-12-2012, 02:44 PM
Last Post: seminar details
  High Speed Packet Access seminar surveyer 1 9,112 08-12-2012, 02:44 PM
Last Post: seminar details
  Wimax Broadband wireless access through 802 16 nit_cal 1 1,829 02-11-2012, 04:10 PM
Last Post: seminar details
  INTRODUCTION OF IP SPOOFING computer girl 0 1,022 08-06-2012, 12:01 PM
Last Post: computer girl
  Integrated Fiber-Wireless (FiWi) Access Networks Supporting Inter-ONU Communications computer girl 0 1,122 07-06-2012, 01:47 PM
Last Post: computer girl
  Resilient Packet Ring Technology computer science crazy 1 1,945 20-02-2012, 10:43 AM
Last Post: seminar paper
  Design Of 2-D Filters Using A Parallel Processor Architecture (Download Full Seminar Computer Science Clay 3 3,014 18-02-2012, 10:37 AM
Last Post: seminar paper

Forum Jump: