DDoS Attack Defense against Source IP Address Spoofing Attacks

نویسنده

  • Archana S. Pimpalkar
چکیده

Distributed Denial of Service (DDoS) attacks is the most challenging problems for network security. The attacker uses large number of compromised hosts to launch attack on victim. Various DDoS defense mechanisms aim at detecting and preventing the attack traffic. Source IP address spoofing is one of the most common ways of launching Distributed Denial of Service attacks. In these types of attacks, attack packet’s true origin is difficult to identify. Thus, it is very challenging to detect attack packets and handle defense mechanisms against such attacks. In this paper, defense mechanism uses cryptographic technique for identifying attack packets with source IP address spoofing and dropping those attack packets. This mechanism does not require restrictions or changes to internet routing protocols and is easy to deploy. The algorithm is efficient in identifying spoof attack packets and its effectiveness is evaluated by simulation experiments in NS3.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

StackPi : a new defense mechanism against IP spoofing and DDoS attacks

Today's Internet hosts are threatened by IP spoofing attacks and large scale Distributed Denial-of-Service (DDoS) attacks. We propose a new defense mechanism, StackPi, which unlike previous approaches, allows the host being attacked, or its upstream ISP, to filter out attack packets and to detect spoofed source IP addresses, on a per-packet basis. In StackPi, a packet is marked deterministicall...

متن کامل

Classification and State of Art of IP Traceback Techniques for DDoS Defense

Distributed Denial of Service (DDoS) attacks are a major threat to Internet today. A DDoS attack depletes bandwidth, processing capacity, or memory of a targeted machine or network. Denial of Service has come to have an enormous impact on Internet and its intensity is growing at a much rapid rate year by year. The damage caused by DDoS attacks is progressively affecting Internet society. Due to...

متن کامل

Defense against DDoS Attacks Using IP Address Spoofing

Distributed Denial of Service (DDoS) attacks is launched by large number of compromised host to interrupt the services of the legitimate users. It is most challenging to defense against such attacks because most of the attacker use source IP address spoofing in order to hide their identity and such attack packets appear to the target server as if they came from a legitimate client. In this pape...

متن کامل

Source-Based Filtering Scheme against DDOS Attacks

IP address spoofing is employed by a lot of DDoS attack tools. Most of the current research on DDoS attack packet filtering depends on cooperation among routers, which is hard to achieve in real campaigns. Therefore, in the paper, we propose a novel filtering scheme based on source information in this paper to defend against various source IP address spoofing. The proposed method works independ...

متن کامل

An Efficient Source Information based Filtering Scheme for DDOS Attacks

These days, Internet is the most essential medium for communication which is used by many users across the Network. Together, its commercial nature is causing enhance vulnerability to increase cyber crimes and there has been an immeasurable raise in the number of Distributed Denial of Service (DDOS) attacks on the internet over the past decade. Resources of network such as web servers, network ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015