Title :
A graph-based methodology for analyzing IP spoofing attack
Author :
Santiraveewan, Voravud ; Permpoontanalarp, Yongyuth
Author_Institution :
Dept. of Comput. Eng., King Mongkut´´s Inst. of Technol., Bangkok, Thailand
Abstract :
Firewalls offer a protection for private networks against both internal and external attacks. However, configuring firewalls to ensure the protections is a difficult task. The main reason is the lack of methodology to analyze the security of firewall configurations. IP spoofing attack is an attack in which an attacker can impersonate another person towards a victim. We propose a new methodology for verifying the vulnerability of firewall configurations to IP spoofing attack and for synthesizing IP spoofing-free configurations. Our methodology is based on graph theory, which provides a simple and intuitive approach to the vulnerability analysis of the attack.
Keywords :
IP networks; authorisation; computer network management; graph theory; network topology; IP spoofing attack; Internet; firewall configuration; graph theory; network security; network topology; Computer networks; Computer security; Electronic mail; Graph theory; Internet; Laboratories; Logic; Network synthesis; Network topology; Protection;
Conference_Titel :
Advanced Information Networking and Applications, 2004. AINA 2004. 18th International Conference on
Print_ISBN :
0-7695-2051-0
DOI :
10.1109/AINA.2004.1283792
