• DocumentCode
    401143
  • Title

    On the effectiveness of Martian address filtering and its extensions

  • Author

    Kim, Hyogon ; Kang, Inhye

  • Author_Institution
    Korea Univ., Seoul, South Korea
  • Volume
    3
  • fYear
    2003
  • fDate
    1-5 Dec. 2003
  • Firstpage
    1348
  • Abstract
    Martian address filtering refers to a technique that discards IP packets that have an invalid source or destination address. This paper evaluates its effectiveness (or lack thereof) under denial of service (DoS) attack or host scan, in terms of packet-level and flow-level filtering performance. In order to overcome the shortcoming of Martian address filtering, we consider two extensions: unallocated address checking and blacklisting. We demonstrate through trace-based simulation that these techniques can indeed boost filtering performance. We also analyze the performance and the possible side-effects of the extensions.
  • Keywords
    IP networks; information filters; packet switching; protocols; telecommunication security; IP packets; Martian address filtering; blacklisting; denial of service attack; flow-level filtering; host scan; packet-level filtering; stateful inspection; trace-based simulation; unallocated address checking; Broadcasting; Computer crime; IP networks; Information filtering; Information filters; Inspection; Performance analysis; Protocols; Testing; Unicast;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Global Telecommunications Conference, 2003. GLOBECOM '03. IEEE
  • Print_ISBN
    0-7803-7974-8
  • Type

    conf

  • DOI
    10.1109/GLOCOM.2003.1258458
  • Filename
    1258458
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=401143