Title :
Proposaland Efficient Implementation of Detecting and Filtering Method for IP Spoofed Packets
Author :
Ohtsuka, Toshinori ; Nakamura, Fumitaka ; Sekiya, Yuji ; Wakahara, Yasushi
Author_Institution :
Univ. of Tokyo, Tokyo
Abstract :
In the Internet there are a lot of distributed denial of service (DDoS) attacks. A lot of attacks aim to cause damage to services such as web, ire and DNS. However, there is no efficient method to protect regular traffic from the attacks. In this paper we propose FSN method to detect and filter out the attacks efficiently as much as possible, near the attackers. FSN method is effective and practical and applicable to the real Internet environment. FSN method uses topology information to detect the attacks and collects topology information using IGP routing protocol, so it is applicable to the environments including asymmetric paths and it doesn´t require collected packets to construct neighbor information. To evaluate FSN method we perform some simulations compared to reverse path forwarding (RPF). The simulation results show FSN method can prevent the attacks more efficiently than RPF and filter out the attacks in the environments including asymmetric paths. According to the results, we conclude FSN method is very effective and practical.
Keywords :
Internet; routing protocols; security of data; IGP routing protocol; IP spoofed packets; Internet environment; distributed denial of service attacks; filtering method; reverse path forwarding; topology information; Computer crime; Electronic mail; Information filtering; Information filters; Information technology; Proposals; Protection; Routing protocols; Topology; Web and internet services;
Conference_Titel :
Information and Communication Technology, 2007. ICICT '07. International Conference on
Conference_Location :
Dhaka
Print_ISBN :
984-32-3394-8
DOI :
10.1109/ICICT.2007.375404
