A trust-based approach against IP-spoofing attacks

IP-spoofing attacks remain one of the most damaging attacks in which an attacker replaces the original source IP address with a new one. Using the existing attacking tools to launch IP spoofing attacks, an attacker can now easily compromise access routers and not only the end-hosts. In this paper, we propose a trust-based approach using a Bayesian inference model that evaluates the trustworthiness of an access router with regards to forwarding packets without modifying their source IP address. The trust values for the access routers is computed by a judge router that samples all traffic being forwarded by the access routers. The simulation results show that our approach effectively detects malicious access routers. The results also show that our approach has a low impact on the network performance when no attack is present, and that it introduces little overhead traffic.

[1]  Zhu Han,et al.  Information theoretic framework of trust modeling and evaluation for ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[2]  Ehab Al-Shaer,et al.  Adaptive Early Packet Filtering for Defending Firewalls Against DoS Attacks , 2009, IEEE INFOCOM 2009.

[3]  Antonio Pescapè,et al.  A packet-level characterization of network traffic , 2006, 2006 11th International Workshop on Computer-Aided Modeling, Analysis and Design of Communication Links and Networks.

[4]  Feng Bao,et al.  Quantifying Trust Metrics of Recommendation Systems in Ad-Hoc Networks , 2007, 2007 IEEE Wireless Communications and Networking Conference.

[5]  Refik Molva,et al.  Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks , 2002, Communications and Multimedia Security.

[6]  Giovanni Di Crescenzo,et al.  InFilter: predictive ingress filtering to detect spoofed IP traffic , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[7]  Kiyoung Kim,et al.  A security framework with trust management for sensor networks , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[8]  Stéphane Loiseau,et al.  A Bayesian network based trust model for improving collaboration in mobile ad hoc networks , 2007, 2007 IEEE International Conference on Research, Innovation and Vision for the Future.

[9]  Shiwu Zhang,et al.  Impersonation Attack on Two Identity-Based Authenticated Key Exchange Protocols , 2010, 2010 WASE International Conference on Information Engineering.

[10]  John S. Baras,et al.  On trust models and trust evaluation metrics for ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[11]  S.G. Pukale,et al.  Detection and defense against DDoS attack with IP spoofing , 2008, 2008 International Conference on Computing, Communication and Networking.

[12]  Jack Harris,et al.  StaticTrust: A Practical Framework for Trusted Networked Devices , 2011, 2011 44th Hawaii International Conference on System Sciences.

[13]  V. Kamakshi Prasad,et al.  Detecting and Preventing IP-spoofed DDoS Attacks by Encrypted Marking Based Detection and Filtering (EMDAF) , 2009, 2009 International Conference on Advances in Recent Technologies in Communication and Computing.

[14]  Zhang Hui,et al.  Identity-based authenticated key exchange protocols , 2010, 2010 International Conference on Educational and Information Technology.

[15]  Ion Bica,et al.  Design of Traceback Methods for Tracking DoS Attacks , 2009, 2009 International Association of Computer Science and Information Technology - Spring Conference.

[16]  Robert Beverly,et al.  The spoofer project: inferring the extent of source address filtering on the internet , 2005 .

[17]  Tony Bates,et al.  Guidelines for creation, selection, and registration of an Autonomous System (AS) , 1996, RFC.

[18]  F. Heider Attitudes and cognitive organization. , 1946, The Journal of psychology.

[19]  Robert Beverly,et al.  The Spoofer Project: Inferring the Extent of Internet Source Address Filtering on the Internet , 2005, SRUTI.

[20]  Erdal Oruklu,et al.  Threat-adaptive architectures for trusted platform modules in secure computing systems , 2010, 2010 IEEE International Conference on Electro/Information Technology.

[21]  Jamalul-lail Ab Manan,et al.  Trust Formation Based on Subjective Logic and PGP Web-of-Trust for Information Sharing in Mobile Ad Hoc Networks , 2010, 2010 IEEE Second International Conference on Social Computing.

[22]  Maurizio Molina,et al.  Web traffic modeling exploiting TCP connections' temporal clustering through HTML-REDUCE , 2000, IEEE Netw..

[23]  George Kesidis,et al.  Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[24]  Cheng Jin,et al.  Defense Against Spoofed IP Traffic Using Hop-Count Filtering , 2007, IEEE/ACM Transactions on Networking.

[25]  Hyeong-Ah Choi,et al.  Packet filtering for congestion control under DoS attacks , 2004, Second IEEE International Information Assurance Workshop, 2004. Proceedings..