Skip to main content
SpringerLink
Log in
Book cover

Australasian Conference on Information Security and Privacy

ACISP 2011: Information Security and Privacy pp 276–291Cite as

DMIPS - Defensive Mechanism against IP Spoofing

  • Conference paper

  • 907 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6812))

Abstract

The usage of internet has increased in all fields of the globe and its size is increasing at a high rate. The network providers are not able to afford enough resources like computation power and bandwidth which are needed to maintain their quality of service. This inability is exploited by the attackers in the form of Denial of Service attacks (DoS) and Distributed Denial of Service attacks (DDoS). The systems trying to mitigate DoS attacks should focus on the technique called IP spoofing. IP Spoofing refers to the creation of IP packets with forged source address. IP spoofing aids the DoS attackers in maintaining their anonymity. IP spoofing is beneficial when the systems use source address for authentication of the packets. Previously, an anti-spoofing method called HCF (Hop Count Filtering) was proposed which could effectively filter the spoofed packets. The HCF works on the basis that the attacker cannot falsify the Hop count (HC), the number of hops an IP packet takes to reach the destination. This HC value can be inferred from the TTL (Time To Live) field in the IP packet. However, the working of HCF has the following problems: 1) Multiple path possibility is ignored. 2) The method of building the HC tables must be more secure. 3) Lack of good renew procedure which can detect network changes. In this paper, we propose a 2 level filtering scheme called DMIPS, based on HCF. DMIPS is secure, resolves the multiple path problem and can filter the spoofed packets effectively. The present scheme can detect the changes in the network and can update the HC values. DMIPS improve the quality of service of the network by minimizing the number of false positives. The network under discussion is of the type server and clients and the server is the point of attack.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adler, M.: Tradeoffs in probabilistic packet marking for IP traceback. In: Proceedings of Thirty-Fourth Annual ACM Symposium on Theory of Computing, pp. 407–418. ACM, New York (2002)

    Chapter  Google Scholar 

  2. Amin, S.O., Kang, M.S., Hong, C.S.: A lightweight IP traceback mechanism on iPv6. In: Zhou, X., Sokolsky, O., Yan, L., Jung, E.-S., Shao, Z., Mu, Y., Lee, D.C., Kim, D.Y., Jeong, Y.-S., Xu, C.-Z. (eds.) EUC Workshops 2006. LNCS, vol. 4097, pp. 671–680. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Baker, F., Savola, P.: Ingress Filtering for Multihomed Networks. RFC 3704 (2004)

    Google Scholar 

  4. Belenky, A., Ansari, N.: IP traceback with deterministic packet marking. Proceedings of IEEE Communication Letters 7(4), 162–164 (2003)

    Article  Google Scholar 

  5. Bremler-Barr, A., Levy, H.: Spoofing Prevention Method. In: Proceedings of IEEE Infocom (2005)

    Google Scholar 

  6. Ehrenkranz, T., Li, J.: On the State of IP Spoofing Defense. Proceedings of ACM Transactions on Internet Technology 9(2) (2009)

    Google Scholar 

  7. Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service attacks which employ IP source address spoofing. RFC 2827 (2000)

    Google Scholar 

  8. Jin, C., Wang, H., Shin, K.G.: Hop-count filtering: An effective defense against spoofed DDoS traffic. In: Proceedings of the 10th ACM conference on Computer and Communications Security, ACM CCS, New York, pp. 30–41 (2003)

    Google Scholar 

  9. Rodriguez, J.C., Briones, A.P., Nolazco, J.A.: FLF4DoS. Dynamic DDoS Mitigation based on TTL field using fuzzy logic. In: Proceedings of 17th International Conference on Electronics. IEEE computer Society, Washington, DC (2007)

    Google Scholar 

  10. Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical network support for IP traceback. Computer Communication Review 30, 295–306 (2000)

    Article  Google Scholar 

  11. Snoeren, A.C., Craig, P., Luis, A.S., Christine, E.J., Fabrice, T., Beverly, S., Stephen, K., Strayer, W.: Single-packet IP traceback. In: Proceedings of ACM/IEEE Transactions on Networking (2002)

    Google Scholar 

  12. Song, D.X., Perrig, A.: Advanced and authenticated marking schemes for IP traceback. In: Proceedings of IEEE Infocom (2001)

    Google Scholar 

  13. Strayer, T.W., Christine, E.J., Fabrice, T., Regina, R.H.: SPIE-IPv6: Single IPv6 Packet Traceback. In: Proceedings of 29th Annual IEEE Conference on Local Computer Networks, Washington, pp. 118–125 (2004)

    Google Scholar 

  14. Swain, B.R., Sahoo, B.: Mitigating DDoS attack and Saving Computational Time using a Probabilistic approach and HCF method. In: Proceedings of IEEE International Advance Computing Conference (2009)

    Google Scholar 

  15. Wong, E.L., Balasubramanian, P., Alvisi, L., Gouda, M.G., Shmatikov, V.: Truth in Advertising: Lightweight Verification of Route Integrity. In: Proceedings of 26th Annual ACM symposium on Principles of Distributed Computing, PODC, New York, pp. 147–156 (2007)

    Google Scholar 

  16. Yaar, A., Perrig, A., Song, D.: Pi: A path identification mechanism to defend against DDoS attacks. In: Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy, pp. 93–107 (2003)

    Google Scholar 

  17. Yaar, A., Perrig, A., Song, D.: StackPi: New packet marking and filtering mechanisms for DDoS and IP spoofing defense. Proceedings of IEEE Journal on Selected Areas in Communications 24, 1853–1863 (2006)

    Article  Google Scholar 

  18. Unicast reverse path forwarding, Cisco IOS (1999), http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html

  19. Denial-of-Service attack knocks Twitter Offline (updated) (2009), http://www.wired.com/epicenter/2009/08/twitter-apparently-down/

  20. Facebook Confirms Denial-of-Service Attack (updated) (2009), http://www.wired.com/epicenter/2009/08/facebook-apparently-attacked-in-addition-to-twitter/

  21. Icmp traceback messages (2003), http://tools.ietf.org/html/draft-ietf-itrace-04

  22. Internet Mapping Project, http://www.lumeta.com/research/

Download references

Author information

Authors and Affiliations

  1. International Institute of Information and Technology, Hyderabad, India

    Shashank Lagishetty, Pruthvi Sabbu & Kannan Srinathan

Authors
  1. Shashank Lagishetty
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pruthvi Sabbu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kannan Srinathan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Software Engineering, The University of Melbourne, 3010, Victoria, Australia

    Udaya Parampalli

  2. Qualcomm Incorporated, Suite 301, Level 3, 77 King Street, NSW 2000, Sydney, Australia

    Philip Hawkes

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lagishetty, S., Sabbu, P., Srinathan, K. (2011). DMIPS - Defensive Mechanism against IP Spoofing. In: Parampalli, U., Hawkes, P. (eds) Information Security and Privacy. ACISP 2011. Lecture Notes in Computer Science, vol 6812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22497-3_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22497-3_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22496-6

  • Online ISBN: 978-3-642-22497-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation