CONTROLLING IP SPOOFING THROUGH PACKET FILTERING
|
|
- Elijah Black
- 8 years ago
- Views:
Transcription
1 CONTROLLING IP SPOOFING THROUGH PACKET FILTERING Mrs. Mridu Sahu Department of Computer Science Engineering, RCET Bhilai, Chhattisgarh, India mridu.kaushlesh@gmail.com Rainey C. Lal Department of Computer Science Engineering, RCET Bhilai, Chhattisgarh, India rainey.c.lal@gmail.com Abstract IP address spoofing refers to the creation of Internet Protocol packets with a forged source IP address, called spoofing, it is a method of attacking a network in order to gain unauthorized access. The distributed denial-of-service (DDoS) attack is a serious threat to the legitimate use of the Internet. The attack is based on the fact that Internet communication between distant computers is routinely handled by routers which find the best route by examining the destination address. The origination address is only used by the destination machine when it responds back to the source. We describe and evaluate route-based Packet Faltering (PF) of incoming data packets to find out it will be send by the legitimate user and using encryption techniques to encipher the IP address to Prevent the ability of attackers to forge or spoof the source addresses in IP packets and find out the malwares distributors to prevent the Drive-by-attack. Keywords: Spoofing, IP, legitimate user, PF, Router, encipher, DDoS, malwares, drive-by-attack. 1. Introduction Communication over a network contains Data Packets sent by the source user to destination using the IP protocol include many information and the IP address of the sending host. The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The recipient directs replies to the sender using this source address. The correctness of this address is not verified by the protocol. The IP protocol specifies no method for validating the authenticity of the packet s source. Because attacker/intruder attacks and alter/hack the sanded data packets by manipulating the source IP address. This implies that an attacker could forge the source address to be any he desires. This is a well-known problem and has been well described. In all but a few rare cases, sending spoofed packets is done for illegitimate purposes. Sending IP packets with forged source addresses is known as packet spoofing and is used by attackers for several purposes. Spoofing is the action of making something look like something that it is not in order to gain unauthorized access to a user's private information. It is of type- IP Spoofing URL Spoofing Spoofing DNS Spoofing We are concentrating on the IP address or IP spoofing only in this paper. 1.1 IP Spoofing Overview The basic protocol for sending data over the Internet network and many other computer networks is the Internet Protocol ("IP"). IP spoofing or Internet protocol address spoofing is the method of creating an Internet protocol packet or IP packet using a fake IP address that is impersonating a legal and legitimate IP address. IP spoofing is a method of attacking a network in order to gain unauthorized access. The attack is based on the fact that Internet communication between distant computers is routinely handled by routers which find the best route by examining the destination address, but generally ignore the origination address. The origination address is only used by the destination machine when it responds back to the source. Figure 1: Intruder in communication In a spoofing attack, the intruder sends messages to a computer indicating that the message has come from a trusted system. To be successful, the intruder must first determine the IP address of a trusted system, and then modify the packet headers to that it appears that the packets are coming from the trusted system. These include obscuring 155
2 the true source of the attack, implicating another site as the attack origin, pretending to be a trusted host, hijacking or intercepting network traffic, or causing replies to target another system. Spoofing of network traffic can occur at many layers. Examples include network layer spoofing (e.g. Ethernet MAC spoofing), non-ip transport layer spoofing (e.g. IPX, NetBEUI), as well as session and application layer spoofing (e.g. spoofing). All of these have significant security concerns. 1.2 IP Address Spoofing Attacks Blind spoofing- This attack may take place from outside where sequence and acknowledgement numbers are unreachable. Attackers usually send several packets to the target machine in order to sample sequence numbers, which is doable in older days. Using the spoofing to interfere with a connection (or creating one), that does not send packets along your cable. Non-Blind spoofing- This type of attack takes place when the attacker is on the same subnet as the victim. The sequence and acknowledgement numbers can be sniffed, eliminating the potential difficulty of calculating them accurately. The biggest threat of spoofing in this instance would be session hijacking. This is accomplished by corrupting the data stream of an established connection, then re-establishing it based on correct sequence and acknowledgement numbers with the attack machine. Using this technique, an attacker could effectively bypass any authentication measures taken place to build the connection. Man in the Middle Attack- This is also called connection hijacking. In these attacks, a malicious party intercepts a legitimate communication between two hosts to controls the flow of communication and to eliminate or alter the information sent by one of the original participants without their knowledge. If an attacker controls a gateway that is in the delivery route Denial-Of-Service- conducting the attack, attackers spoof source IP addresses to make tracing and stopping the DoS as difficult as possible. When multiple compromised hosts are participating in the attack, all sending spoofed traffic; it is very challenging to quickly block the traffic. IP spoofing is almost always used in denial of service attacks (DoS), in which attackers are concerned with consuming bandwidth and resources by flooding the target with as many packets as possible in a short amount of time. 2. Related Work Research in time-sharing is provided by a collection of programs whose elaborate and strange design outgrowth of many years of experience with earlier versions. To help develop a secure system, we have continuing competition to devise new way to attack the security of the system (the bad guy) and, at the same time, to device new techniques to resist the new attack (the good guy). This competition has been in the same vein as the completion of long standing between manufactures of armor plate and those of armor piercing shells. For this reasons, the description that follows will trace the history of IP Spoofing and packet routing rather than just sending a data normally without any encryption in the network. 2.1 Detecting Spoofed Packets Packets sent using the IP protocol include the IP address of the sending host. The recipient directs replies to the sender using this source address. However, the correctness of this address is not verified by the protocol. They did research to know if network traffic has spoofed source addresses and a wide variety of methods for detecting spoofed packet. By using routing and non-routing methods they are trying to detect the spoofed packet various methods are used like Spoofed detection method Non- Routing Method OS Fingerprinting IP Identification Number Zombie control Steven and Karl conclude that the intricacies of the modern computer networks can create situations that complicated detecting spoofed packets. Also, an attacker who knows that a system is being monitored for spoofed packets may craft more sophisticated packets to defeat the spoofed packet detector. 2.2 Practical Network Support for IP Traceback In This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source by using general purpose traceback mechanism based on probabilistic packet marketing in the network. Traceback can be performed post-mortem after an attack has completed. Ingress filtering Link testing Logging ICMP Traceback That said, we believe that the scheme is promising and that hybrid approaches combining it with some of the algorithms we propose are likely to be quite effective. 2.3 Controlling IP Spoofing Through Inter Domain Packet Filters They propose an inter-domain packet filter (IDPF) architecture that can mitigate the level of IP spoofing on the Internet. A key feature of our scheme is that it does not require global routing information. IDPFs are constructed from the information implicit in BGP route updates and are deployed in network border routers. We establish the conditions under which the IDPF framework works correctly in that it does not discard packets with valid source addresses. Based on extensive simulation studies, we show that even with partial deployment on the Internet, IDPFs can proactively limit the spoofing capability of attackers. 156
3 Border Gateway Protocols and AS Interconnections Relationships and Routing Policies- import policies can affect the.desirability. of routes by modifying route attributes. Let r be a route (to destination d) received at v from node u. We denote by import(v u) the possibly modified route that has been transformed by the import policies. The transformed routes are stored in v's routing table. The set of all such routes is denoted as candidater(v; d) Equation 1: import policies Inter Domain Packet Filters: They discuss the intuition behind the IDPF architecture, describe how IDPFs are constructed using BGP route updates, and establish the correctness of IDPFs. There simulation results showed that, even with partial deployment on the Internet, IDPFs can significantly limit the spoofing capability of attackers. Moreover, they also help pinpoint the true origin of an attack packet to be within a small number of candidate networks, therefore, simplifying the reactive IP traceback process. 2.4 On the Effectiveness of RouteBased Packet Filtering for Distributed DoS Attack Prevention in PowerLaw Internets Denial of service (DoS) attack on the Internet has become a pressing problem. In this paper, we describe and evaluate route-based distributed packet faltering (DPF), a novel approach to distributed DoS (DDoS) attack prevention. We show that DPF achieves proactiveness and scalability, and we show that there is an intimate relationship between the effectiveness of DPF at mitigating DDoS attack and powerlaw network topology. The salient features of their work are two-fold. First, we show that DPF is able to proactively filter out a significant fraction of spoofed packet flows and prevent attack packets from reaching their targets in the first place. The IP flows that cannot be proactively curtailed are extremely sparse so that their origin can be localized, IP traceback to within a small, constant number of candidate sites. We show that the two proactive and reactive performance effects can be achieved by implementing route-based filtering on less than 20% of Internet autonomous system (AS) sites. Second, we show that the two complementary performance measures are dependent on the properties of the underlying AS graph. In particular, we show that the power-law structure of Internet AS topology leads to connectivity properties which are crucial in facilitating the observed performance effects. cryptographic security services mainly encryption techniques is used. For ciphering the text we will use Blowfish Algorithm. 4.1 Introduction to Blowfish Algorithm Blowfish Algorithm is used for encryption and decryption. Blowfish is a symmetric block cipher that can be effectively used for encryption and safe guarding of data. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for securing data. Blowfish Algorithm is a Feistel Network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Blowfish is a variable-length key block cipher. It is suitable for applications where the key does not change often, like a communications link or an automatic file encryptor. It is significantly faster than most encryption algorithms when implemented on 32-bit microprocessors with large data caches. It performs data encryption via 16- round feistel network. Each round consist of a key-dependent permutation, and a key-and data dependent substitution. All operations are XOR and additions on 32-bit words. The only addition operations are four indexed array data lookups per round. Subkeys- Blowfish uses a large number of subkeys. These keys must be per computed before any data encryption or decryption. Blowfish has 16 rounds. The input is a 64-bit data element, x. Divide x into two 32-bit halves: xl, xr. Then, for i = 1 to 16: xl = xl XOR Pi xr = F(xL) XOR xr Swap xl and xr After the sixteenth round, swap xl and xr again to undo the last swap. Then, xr = xr XOR P17 and xl = xl XOR P18. Finally, recombine xl and xr to get the ciphertext. 4. Methodology Evaluate route-based Distributed Packet Faltering (DPF), to Prevent by the ability of attackers to forge or spoof the source addresses in IP packets and find out the malwares distributors to prevent the Drive-by-attack. For implementing the above objective, Using Router based Packet Filtering and 157
4 6. Conclusion Network is an open space that facilitate the user in every mean; but many unauthorized user misuses this facility and wanted to gain useful information of someone else for their own means by adopting different network crimes. And Forging an IP address of a legitimate user is one of them. (During the literature survey of the previous work done I came to know that for securing IP address to be forged there is no such contribution is available.) We are trying to prevent the IP address of the source machine to be forged and hacked; and for this we are using Cryptography. Blowfish is an algorithm that will be used to encrypt the IP address and Packet filtering is used to prevent the forging of the Route. 7. Future Work Figure 2: Blowfish Algorithm Detecting spoofed packet and trying to prevent Source IP address is just half of the solution of the problem: we need to be able to localize the true source of the packets. A number of projects have looked at this, but either required specially instrumented routers, or changes in the underlying network protocol that will predefine having a support to IP address encryption. While these are possible solutions, we feel that methods that do not have these requirements are more attractive. We believe that for some spoofing attacks, it is possible to use search techniques built upon some of the active detection methods described in this paper to accomplish this. Reference 5. Comparison and Scope Figure 3: Project Proposed Flow During the previous paper review we observed that many of the alerts generated were false positives and could be eliminated if corroborating information were available. The ability to know if the packets that generated the alerts were spoofed is just one example of supplemental information that would help in filtering out those alerts of low significance. Only strong end-to-end authentication can prevent packet spoofing. Preventing spoofing through Packet filtering alone is a tough work to do, can prevent the frequency but for have a secure network and secure session of the user during network communication need to have better idea. IP encryption is another way to prevent the security of the IP address and if unauthorized user is not able to have original IP address then they will not be able to spoof that. For IP encryption ciphering techniques can be used. [1] Steven J. Templeton, Karl E. Levitt Detecting Spoofed Packets. Department of Computer Science U.C. Davis, Jan 2004 [2] Zhenhai Duan, Xin Yuan and Jaideep Chandrashekar, Controlling IP Spoong Through Inter-Domain Packet Filters IEEE members [3] Stefan Savage, David Wetherall, Anna Karlin and Tom Anderson Practical Network Support for IP Traceback Department of Computer Science and Engineering University of Washington [4] Cheng Jin, Haining Wang and Kang G. Shin Hop- Count Filtering: An Effective Defense Against Spoofed Traffic [5] Kihong Park and Heejo Lee On the Effectiveness of RouteBased Packet Filtering for Distributed DoS Attack Prevention in PowerLaw Internets, Network Systems Lab; Department of Computer Sciences Purdue University West Lafayette. [6] Leila Fatmasari Rahman and Rui Zhou IP Address Spoofing, Albert-udwigs-Universität Freiburg, Institute for Computer Science [7] SANS Institute InfoSec Reading Room Copyright SANS Institute Author Retains. 158
5 [8] ICANN/SSAC,.ICANN SSAC Advisory SAC008 DNS Distributed Denial of Service (DDoS) Attacks,. Mar [9] S. Staniford-Chen and L. T. Heberlein. Holding Intruders Accountable on the Internet. Proc. of the 1995 IEEE Symposium on Security and Privacy, Oakland, CA, pages 39-49, May 1995 [10] B. Schneier, Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish) Fast Software Encryption, Cambridge Security Workshop Proceedings, (December 1993), Springer-Verlag, 1994, pp
Proceedings of the UGC Sponsored National Conference on Advanced Networking and Applications, 27 th March 2015
A New Approach to Detect, Filter And Trace the DDoS Attack S.Gomathi, M.Phil Research scholar, Department of Computer Science, Government Arts College, Udumalpet-642126. E-mail id: gomathipriya1988@gmail.com
More informationA Novel Packet Marketing Method in DDoS Attack Detection
SCI-PUBLICATIONS Author Manuscript American Journal of Applied Sciences 4 (10): 741-745, 2007 ISSN 1546-9239 2007 Science Publications A Novel Packet Marketing Method in DDoS Attack Detection 1 Changhyun
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationDual Mechanism to Detect DDOS Attack Priyanka Dembla, Chander Diwaker 2 1 Research Scholar, 2 Assistant Professor
International Association of Scientific Innovation and Research (IASIR) (An Association Unifying the Sciences, Engineering, and Applied Research) International Journal of Engineering, Business and Enterprise
More informationFiltering Based Techniques for DDOS Mitigation
Filtering Based Techniques for DDOS Mitigation Comp290: Network Intrusion Detection Manoj Ampalam DDOS Attacks: Target CPU / Bandwidth Attacker signals slaves to launch an attack on a specific target address
More informationAnalysis of IP Spoofed DDoS Attack by Cryptography
www..org 13 Analysis of IP Spoofed DDoS Attack by Cryptography Dalip Kumar Research Scholar, Deptt. of Computer Science Engineering, Institute of Engineering and Technology, Alwar, India. Abstract Today,
More informationControlling IP Spoofing based DDoS Attacks Through Inter-Domain Packet Filters
Controlling IP Spoofing based DDoS Attacks Through Inter-Domain Packet Filters Zhenhai Duan, Xin Yuan, and Jaideep Chandrashekar Abstract The Distributed Denial of Services (DDoS) attack is a serious threat
More informationFlexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks
Flexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks Prashil S. Waghmare PG student, Sinhgad College of Engineering, Vadgaon, Pune University, Maharashtra, India. prashil.waghmare14@gmail.com
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationAnalysis of Automated Model against DDoS Attacks
Analysis of Automated Model against DDoS Attacks Udaya Kiran Tupakula Vijay Varadharajan Information and Networked Systems Security Research Division of Information and Communication Sciences Macquarie
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationA Study of New Trends in Blowfish Algorithm
A Study of New Trends in Blowfish Algorithm Gurjeevan Singh*, Ashwani Kumar**, K. S. Sandha*** *(Department of ECE, Shaheed Bhagat Singh College of Engg. & Tech. (Polywing), Ferozepur-152004) **(Department
More informationDr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu. DDoS and IP Traceback. Overview
DDoS and IP Traceback Dr. Arjan Durresi Louisiana State University, Baton Rouge, LA 70803 durresi@csc.lsu.edu Louisiana State University DDoS and IP Traceback - 1 Overview Distributed Denial of Service
More informationDistributed Denial of Service
Distributed Denial of Service Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@Csc.LSU.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc7502_04/ Louisiana
More informationOutline. CSc 466/566. Computer Security. 18 : Network Security Introduction. Network Topology. Network Topology. Christian Collberg
Outline Network Topology CSc 466/566 Computer Security 18 : Network Security Introduction Version: 2012/05/03 13:59:29 Department of Computer Science University of Arizona collberg@gmail.com Copyright
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationHow To Protect Your Network From A Ddos Attack On A Network With Pip (Ipo) And Pipi (Ipnet) From A Network Attack On An Ip Address Or Ip Address (Ipa) On A Router Or Ipa
Defenses against Distributed Denial of Service Attacks Adrian Perrig, Dawn Song, Avi Yaar CMU Internet Threat: DDoS Attacks Denial of Service (DoS) attack: consumption (exhaustion) of resources to deny
More informationA Hybrid Approach for Detecting, Preventing, and Traceback DDoS Attacks
A Hybrid Approach for Detecting, Preventing, and Traceback DDoS Attacks ALI E. EL-DESOKY 1, MARWA F. AREAD 2, MAGDY M. FADEL 3 Department of Computer Engineering University of El-Mansoura El-Gomhoria St.,
More informationA Proposed Framework for Integrating Stack Path Identification and Encryption Informed by Machine Learning as a Spoofing Defense Mechanism
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 16, Issue 6, Ver. VI (Nov Dec. 2014), PP 34-40 A Proposed Framework for Integrating Stack Path Identification
More informationDDoS Attack Traceback
DDoS Attack Traceback and Beyond Yongjin Kim Outline Existing DDoS attack traceback (or commonly called IP traceback) schemes * Probabilistic packet marking Logging-based scheme ICMP-based scheme Tweaking
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationProtocol Rollback and Network Security
CSE 484 / CSE M 584 (Spring 2012) Protocol Rollback and Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee,
More informationNetwork Security. Dr. Ihsan Ullah. Department of Computer Science & IT University of Balochistan, Quetta Pakistan. April 23, 2015
Network Security Dr. Ihsan Ullah Department of Computer Science & IT University of Balochistan, Quetta Pakistan April 23, 2015 1 / 24 Secure networks Before the advent of modern telecommunication network,
More informationDistributed Denial of Service(DDoS) Attack Techniques and Prevention on Cloud Environment
Distributed Denial of Service(DDoS) Attack Techniques and Prevention on Cloud Environment Keyur Chauhan 1,Vivek Prasad 2 1 Student, Institute of Technology, Nirma University (India) 2 Assistant Professor,
More informationA TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS
ICTACT JOURNAL ON COMMUNICATION TECHNOLOGY, JUNE 2010, ISSUE: 02 A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS S.Seetha 1 and P.Raviraj 2 Department of
More informationSession Hijacking Exploiting TCP, UDP and HTTP Sessions
Session Hijacking Exploiting TCP, UDP and HTTP Sessions Shray Kapoor shray.kapoor@gmail.com Preface With the emerging fields in e-commerce, financial and identity information are at a higher risk of being
More informationMONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN
MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN Kanika 1, Renuka Goyal 2, Gurmeet Kaur 3 1 M.Tech Scholar, Computer Science and Technology, Central University of Punjab, Punjab, India
More informationDistributed Denial of Service (DDoS)
Distributed Denial of Service (DDoS) Defending against Flooding-Based DDoS Attacks: A Tutorial Rocky K. C. Chang Presented by Adwait Belsare (adwait@wpi.edu) Suvesh Pratapa (suveshp@wpi.edu) Modified by
More informationINTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK AN OVERVIEW OF MOBILE ADHOC NETWORK: INTRUSION DETECTION, TYPES OF ATTACKS AND
More informationPrevention of Attacks under DDoS Using Target Customer Behavior
www.ijcsi.org 301 Prevention of Attacks under DDoS Using Target Customer Behavior K.Kuppusamy 1 and S.Malathi 2 1 Department of Computer Science &Engineering, Alagappa University Karaikudi, Tamil Nadu,
More informationAN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS K.Kuppusamy 1 and S.Malathi 2 1 Department of Computer Science &Engineering, Alagappa University, Karaikudi kkdiksamy@yahoo.com
More informationA Review of Anomaly Detection Techniques in Network Intrusion Detection System
A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In
More informationDDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT
DDoS Protection How Cisco IT Protects Against Distributed Denial of Service Attacks A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Prevent low-bandwidth DDoS attacks coming from a broad
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationProvider-Based Deterministic Packet Marking against Distributed DoS Attacks
Provider-Based Deterministic Packet Marking against Distributed DoS Attacks Vasilios A. Siris and Ilias Stavrakis Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH)
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationForensics Tracking for IP Spoofers Using Path Backscatter Messages
Forensics Tracking for IP Spoofers Using Path Backscatter Messages Mithun Dev P D 1, Anju Augustine 2 1, 2 Department of Computer Science and Engineering, KMP College of Engineering, Asamannoor P.O Poomala,
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationHow To Filter Ddos Attack Packets
International Journal of Database Theory and Application 9 Source-Based Filtering Scheme against DDOS Attacks Fasheng Yi 1,2, Shui Yu 1, Wanlei Zhou 1, Jing Hai 1 and Alessio Bonti 1 1 School of Engineering
More informationco Characterizing and Tracing Packet Floods Using Cisco R
co Characterizing and Tracing Packet Floods Using Cisco R Table of Contents Characterizing and Tracing Packet Floods Using Cisco Routers...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationDDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack
DDoS-blocker: Detection and Blocking of Distributed Denial of Service Attack Sugih Jamin EECS Department University of Michigan jamin@eecs.umich.edu Internet Design Goals Key design goals of Internet protocols:
More informationP Principles of Network Forensics P Terms & Log-based Tracing P Application Layer Log Analysis P Lower Layer Log Analysis
Agenda Richard Baskerville P Principles of P Terms & -based Tracing P Application Layer Analysis P Lower Layer Analysis Georgia State University 1 2 Principles Kim, et al (2004) A fuzzy expert system for
More informationEXAM questions for the course TTM4135 - Information Security May 2013. Part 1
EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question
More informationDetection and Controlling of DDoS Attacks by a Collaborative Protection Network
Detection and Controlling of DDoS Attacks by a Collaborative Protection Network Anu Johnson 1, Bhuvaneswari.P 2 PG Scholar, Dept. of C.S.E, Anna University, Hindusthan Institute of Technology, Coimbatore,
More informationTackling Congestion to Address Distributed Denial of Service: A Push-Forward Mechanism
Tackling Congestion to Address Distributed Denial of Service: A Push-Forward Mechanism Srinivasan Krishnamoorthy and Partha Dasgupta Computer Science and Engineering Department Arizona State University
More informationDesign and Experiments of small DDoS Defense System using Traffic Deflecting in Autonomous System
Design and Experiments of small DDoS Defense System using Traffic Deflecting in Autonomous System Ho-Seok Kang and Sung-Ryul Kim Konkuk University Seoul, Republic of Korea hsriver@gmail.com and kimsr@konkuk.ac.kr
More informationPacket-Marking Scheme for DDoS Attack Prevention
Abstract Packet-Marking Scheme for DDoS Attack Prevention K. Stefanidis and D. N. Serpanos {stefanid, serpanos}@ee.upatras.gr Electrical and Computer Engineering Department University of Patras Patras,
More informationFederal Computer Incident Response Center (FedCIRC) Defense Tactics for Distributed Denial of Service Attacks
Threat Paper Federal Computer Incident Response Center (FedCIRC) Defense Tactics for Distributed Denial of Service Attacks Federal Computer Incident Response Center 7 th and D Streets S.W. Room 5060 Washington,
More informationPrevention, Detection and Mitigation of DDoS Attacks. Randall Lewis MS Cybersecurity
Prevention, Detection and Mitigation of DDoS Attacks Randall Lewis MS Cybersecurity DDoS or Distributed Denial-of-Service Attacks happens when an attacker sends a number of packets to a target machine.
More informationSecurity Technology White Paper
Security Technology White Paper Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without
More informationCHAPETR 3. DISTRIBUTED DEPLOYMENT OF DDoS DEFENSE SYSTEM
59 CHAPETR 3 DISTRIBUTED DEPLOYMENT OF DDoS DEFENSE SYSTEM 3.1. INTRODUCTION The last decade has seen many prominent DDoS attack on high profile webservers. In order to provide an effective defense against
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationCloud Computing: A CRM Service Based on a Separate Encryption and Decryption using Blowfish algorithm
Cloud Computing: A CRM Service Based on a Separate Encryption and Decryption using Blowfish algorithm G.Devi 1, M.Pramod Kumar 2 1 M.Tech(CSE),devi.gujjula9@gmail.com,Sri Vasavi Engineering College, Tadepalligudem
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationSecurity. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key
Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder
More informationA SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS
A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS *Dr Umesh Sehgal, #Shalini Guleria *Associate Professor,ARNI School of Computer Science,Arni University,KathagarhUmeshsehgalind@gmail.com
More informationFinal exam review, Fall 2005 FSU (CIS-5357) Network Security
Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection
More informationOutline. Outline. Outline
Network Forensics: Network Prefix Scott Hand September 30 th, 2011 1 What is network forensics? 2 What areas will we focus on today? Basics Some Techniques What is it? OS fingerprinting aims to gather
More informationSECURITY FLAWS IN INTERNET VOTING SYSTEM
SECURITY FLAWS IN INTERNET VOTING SYSTEM Sandeep Mudana Computer Science Department University of Auckland Email: smud022@ec.auckland.ac.nz Abstract With the rapid growth in computer networks and internet,
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationNEW TECHNIQUES FOR THE DETECTION AND TRACKING OF THE DDOS ATTACKS
NEW TECHNIQUES FOR THE DETECTION AND TRACKING OF THE DDOS ATTACKS Iustin PRIESCU, PhD Titu Maiorescu University, Bucharest Sebastian NICOLAESCU, PhD Verizon Business, New York, USA Rodica NEAGU, MBA Outpost24,
More informationPacket Level Authentication Overview
Packet Level Authentication Overview Dmitrij Lagutin, Dmitrij.Lagutin@hiit.fi Helsinki Institute for Information Technology HIIT Aalto University School of Science and Technology Contents Introduction
More informationCS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24
Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key
More informationDoS: Attack and Defense
DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches
More informationSecuring MANET Using Diffie Hellman Digital Signature Scheme
Securing MANET Using Diffie Hellman Digital Signature Scheme Karamvir Singh 1, Harmanjot Singh 2 1 Research Scholar, ECE Department, Punjabi University, Patiala, Punjab, India 1 Karanvirk09@gmail.com 2
More informationInternet Protocol trace back System for Tracing Sources of DDoS Attacks and DDoS Detection in Neural Network Packet Marking
Internet Protocol trace back System for Tracing Sources of DDoS Attacks and DDoS Detection in Neural Network Packet Marking 1 T. Ravi Kumar, 2 T Padmaja, 3 P. Samba Siva Raju 1,3 Sri Venkateswara Institute
More informationEntropy-Based Collaborative Detection of DDoS Attacks on Community Networks
Entropy-Based Collaborative Detection of DDoS Attacks on Community Networks Krishnamoorthy.D 1, Dr.S.Thirunirai Senthil, Ph.D 2 1 PG student of M.Tech Computer Science and Engineering, PRIST University,
More informationECE 578 Term Paper Network Security through IP packet Filtering
ECE 578 Term Paper Network Security through IP packet Filtering Cheedu Venugopal Reddy Dept of Electrical Eng and Comp science Oregon State University Bin Cao Dept of electrical Eng and Comp science Oregon
More informationTracing Network Attacks to Their Sources
Tracing Network s to Their Sources Security An IP traceback architecture in which routers log data about packets and adjacent forwarding nodes lets us trace s to their sources, even when the source IP
More informationCS 356 Lecture 16 Denial of Service. Spring 2013
CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationARP Storm Detection and Prevention Measures
456 ARP Storm Detection and Prevention Measures S.Vidya 1 and R.Bhaskaran 2 1 Department of Computer Science, Fatima College Madurai 626 018, Tamil Nadu, India 2 School of Mathematics, Madurai Kamaraj
More informationTECHNICAL NOTE 06/02 RESPONSE TO DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS
TECHNICAL NOTE 06/02 RESPONSE TO DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS 2002 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor
More informationTracing the Origins of Distributed Denial of Service Attacks
Tracing the Origins of Distributed Denial of Service Attacks A.Peart Senior Lecturer amanda.peart@port.ac.uk University of Portsmouth, UK R.Raynsford. Student robert.raynsford@myport.ac.uk University of
More informationPacket Sniffers Submitted in partial fulfillment of the requirement for the award of degree Of MCA
A Seminar report On Packet Sniffers Submitted in partial fulfillment of the requirement for the award of degree Of MCA SUBMITTED TO: www.studymafia.org SUBMITTED BY: www.studymafia.org Preface I have made
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationSoftware Puzzle Counterstrike for Denial of Service Attack
Software Puzzle Counterstrike for Denial of Service Attack Deepu. S. D, Dr. Ramakrishna. M.V 4th Sem M.Tech Student, Department of ISE, SJBIT, Bangalore, India Professor, Department of ISE, SJBIT, Bangalore,
More informationDETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED METRICS
DETECTION OF APPLICATION LAYER DDOS ATTACKS USING INFORMATION THEORY BASED METRICS S. Renuka Devi and P. Yogesh Department of Information Science and Technology, College of Engg. Guindy, Anna University,
More informationAnalysis of Traceback Techniques
Analysis of Traceback Techniques Udaya Kiran Tupakula Vijay Varadharajan Information and Networked Systems Security Research Division of ICS, Macquarie University North Ryde, NSW-2109, Australia {udaya,
More informationSIP and VoIP 1 / 44. SIP and VoIP
What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies
More informationWIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able
More informationCS5490/6490: Network Security- Lecture Notes - November 9 th 2015
CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter
More informationA HYBRID APPROACH TO COUNTER APPLICATION LAYER DDOS ATTACKS
A HYBRID APPROACH TO COUNTER APPLICATION LAYER DDOS ATTACKS S. Renuka Devi and P. Yogesh Department of Information Science and Technology, College of Engg.Guindy, AnnaUniversity, Chennai.India. renusaravanan@yahoo.co.in,
More informationNetwork Forensics: Log Analysis
Network Forensics: Analysis Richard Baskerville Agenda P Terms & -based Tracing P Application Layer Analysis P Lower Layer Analysis Georgia State University 1 2 Two Important Terms PPromiscuous Mode
More informationCyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014
Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer
More informationA Practical Method to Counteract Denial of Service Attacks
A Practical Method to Counteract Denial of Service Attacks Udaya Kiran Tupakula Vijay Varadharajan Information and Networked System Security Research Division of Information and Communication Sciences
More informationAn IP Trace back System to Find the Real Source of Attacks
An IP Trace back System to Find the Real Source of Attacks A.Parvathi and G.L.N.JayaPradha M.Tech Student,Narasaraopeta Engg College, Narasaraopeta,Guntur(Dt),A.P. Asso.Prof & HOD,Dept of I.T,,Narasaraopeta
More information18-731 Midterm. Name: Andrew user id:
18-731 Midterm 6 March 2008 Name: Andrew user id: Scores: Problem 0 (10 points): Problem 1 (10 points): Problem 2 (15 points): Problem 3 (10 points): Problem 4 (20 points): Problem 5 (10 points): Problem
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Vulnerability Analysis 1 Roadmap Why vulnerability analysis? Example: TCP/IP related vulnerabilities
More informationA Flow-based Method for Abnormal Network Traffic Detection
A Flow-based Method for Abnormal Network Traffic Detection Myung-Sup Kim, Hun-Jeong Kang, Seong-Cheol Hong, Seung-Hwa Chung, and James W. Hong Dept. of Computer Science and Engineering POSTECH {mount,
More informationIMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT
IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT Roopa K. Panduranga Rao MV Dept of CS and Engg., Dept of IS and Engg., J.N.N College of Engineering, J.N.N College of Engineering,
More informationSecurity Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress
Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress Alan Davy and Lei Shi Telecommunication Software&Systems Group, Waterford Institute of Technology, Ireland adavy,lshi@tssg.org
More informationMitigating Denial-of-Service and Distributed Denial-of-Service Attacks Using Server Hopping Model Using Distributed Firewall
Mitigating Denial-of-Service and Distributed Denial-of-Service Attacks Using Server Hopping Model Using Distributed Firewall Prajyoti P.Sabale 1, Anjali B.Raut 2 1 Department of Computer Science &Information
More informationAn Effectual Identification and Prevention OF DDOS Attacks in Web Using Divide-And-Conquer Algorithm
International Journal of Computer Networks and Communications Security VOL.1, NO.6, NOVEMBER 2013, 272 277 Available online at: www.ijcncs.org ISSN 2308-9830 C N C S An Effectual Identification and Prevention
More informationVulnerabili3es and A7acks
IPv6 Security Vulnerabili3es and A7acks Inherent vulnerabili3es Less experience working with IPv6 New protocol stack implementa3ons Security devices such as Firewalls and IDSs have less support for IPv6
More information