A Comparative Study of Methods for Prevention and Detection of IP Address Spoofing9th J&K Science Congress and Regional Science Congress, 1-3 October, 2013 (2013)
The IP address spoofing is a serious threat to the legitimate use of the Internet. Many Preventive mechanisms are thwarted by the ability of attackers to forge or spoof the source addresses in IP packets. Attackers can evade detection and put a substantial burden on the destination network for policing attack packets. Detection and prevention of IP address spoofing can be classified into host-based and router based methods. The host based methods are implemented on a host and aim to allow a host to recognize spoofed packets. The advantage of these methods is their easy deployment on the existing infrastructure without any need to change the networking infrastructure. On the other hand, they may act too late, since the spoofed packets must reach the host before they are detected. The router based methods are mostly implemented on routers and spoofed packets are recognized before they reach the destination. Router based methods are more efficient than host based methods, but the efficiency of the system depends on the participating routers. It is impossible for every router on the internet to participate in the system as different ISPs must deploy the same method for detection to work. In this paper a study of methods for prevention and detection of IP address spoofing is undertaken. It compares various host based methods such as IPsec, the OS Fingerprinting, TCP probing, SYN Cookies and IP puzzles with router based methods such as ingress and egress filtering, Reverse Path Forwarding (RPF), Router based Filtering (RBF), Spoofing Prevention Method (SPM), Passport, Distributed Packet Filtering (DPF), Inter Domain Packet Filtering (IDPF), Ex-IDPF, SAVE, BASE, Peer to Peer Anti Spoofing Method, Spoof Prevention Based Hierarchal Co-Ordination (SP-HCM), a Packet Marking with Bloom Filtering, Hop Count Filtering (HCF), Probabilistic Packet Marking (PPM), Pi and StackPi on the bases of their performances and effectiveness.
- Reverse Path Forwarding (RPF); Router Based Filtering (RBF); Spoofing Prevention Method (SPM); Distributed Packet Filtering (DPF); Inter Domain Packet Filtering (IDPF); Spoof Prevention Based Hierarchal Co-Ordination (SP-HCM); Probabilistic Packet Marking (PP).
Publication DateWinter October 1, 2013
Citation InformationBanday M. T. Mathangi, R.A. (2013). A Comparative Study of Methods for Prevention and Detection of IP Address Spoofing, 9th J&K Science Congress and Regional Science Congress, 1-3 October, 2013, pp.1-10, DOI: 10.13140/RG.2.1.3054.1842
Creative Commons license
This work is licensed under a Creative Commons CC_BY-NC International License.