Home††††††† Author Index††††††† Search†††††††††††††††† Volume 1††††† May 2009††††† ISSN 1797-9617

International Journal of

Recent Trends in Engineering

Home > Vol. 1, No. 1

 

International Journal of Recent Trends in Engineering (IJRTE)

ISSN 1797-9617

Volume 1,† Number 1,† May 2009

Issue on Computer Science

Page(s): 635-639

Analyze and Determine the IP Spoofing Attacks Using Stackpath Identification Marking and Filtering Mechanism

†††††††††† V. Shyamaladevi, R.S.D Wahidabanu

Full text:† PDF

Abstract

Distributed denial of service is a major threat to the availability of internet services. DDoS attacks are stealthy; The Internet service provider (ISP) finds it when the new† technique propose a defense mechanism, stack identification and marking (SPi & M), which the† previous approaches are allows the host being attacked, or its upstream ISP, to filter out attack packets and to detect spoofed source IP addresses, on a per-packet basis. This work proposed StackPi-Write ahead with a new packet marking scheme based on Pi, and new filtering mechanisms. Stack marking is the similar for TTL marking the packetís TTL to aggregate the markings from different routers; each router instead treats the IP Identification field as though it were a stack. Write ahead marking All the router needs to do is substitute its own IP address for the last-hop IP address and the next-hop IP address for its IP address when calculating the bits to mark, they need not be repeated for each forwarded packet and also develop a new filter, the PiIP filter, which can be used to detect IP spoofing attacks with just a single attack packet. StackPi filtering can thus defend against not only DDoS attacks, but also many IP spoofing attacks and multicast source spoofing attacks. A packet is marked deterministically by routers along its path towards the destination. Packets traveling along the same path will have the same marking so that an attack victim need only identify the StackPi marks of attack packets to filter out all further attack packets with the same marking. In this scheme almost completely eliminates the effect of legacy routers in small quantities and performs 3-5 times better than the existing system. For the filtering mechanism, derive an optimal threshold strategy for filtering with the Path identification marking. Finally, evaluate the Stack path identificationís compatibility with IP Fragmentation, applicability in an IPv6 environment.

Index Terms

Denial-of-service, DoS, IP address spoofing, packet marking, Stack marking, Write ahead marking, Path Identifier

Published by Academy Publisher in cooperation with the ACEEE

@ Copyright 2009 ACADEMY PUBLISHER ó All rights reserved