论文信息 - A Dynamic Method to Detect IP Spoofing on Data Network Using Ant Algorithm

A Dynamic Method to Detect IP Spoofing on Data Network Using Ant Algorithm

–A data packet is typically forwarded from one router to another through networks that constitute the internetwork until it gets to its destination node. At the same time routers in the Internet do not perform any security verification of the source IP address contained in the packets. The lack of such verification opens the door for a variety of network security vulnerabilities like denial-of-service (DoS) attacks, man-in-the-middle attacks etc. One of the major threats to the Internet is source IP address spoofing. To avoid the IP spoofing a number of prevention approaches are proposed by the research community. In this paper an ant-based traceback is proposed to detect the IP spoofing. The proposed traceback approach uses flow level information to identify the spoofing request. To validate the detection method further, this paper considers the number of hop needs to reach the destination end. Using a mapping between IP addresses and their flow level with hopcounts, the server can distinguish spoofed IP packets from legitimate ones. The simulations results show that this approach discards almost 90% of spoofed IP request. Keywords––IP spoofing, IP trace back, Ant algorithm, hop count, pheromone intensity, flow level

N. Arumugam | N. Arumugam

[1] Jun Li,et al. Large-scale IP traceback in high-speed Internet: practical techniques and theoretical foundation , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[2] Robert Beverly,et al. The Spoofer Project: Inferring the Extent of Internet Source Address Filtering on the Internet , 2005, SRUTI.

[3] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.

[4] Jerry R. Hobbs,et al. An algebraic approach to IP traceback , 2002, TSEC.

[5] Alex C. Snoeren,et al. Hash-based IP traceback , 2001, SIGCOMM '01.

[6] Steven M. Bellovin,et al. ICMP Traceback Messages , 2003 .

[7] Robert Beverly,et al. The spoofer project: inferring the extent of source address filtering on the internet , 2005 .

[8] Michael T. Goodrich,et al. Efficient packet marking for large-scale IP traceback , 2002, CCS '02.

[9] Chia-Mei Chen,et al. Ant-based IP traceback , 2008, Expert Syst. Appl..

[10] Cheng Jin,et al. Defense Against Spoofed IP Traffic Using Hop-Count Filtering , 2007, IEEE/ACM Transactions on Networking.

[11] Marco Dorigo,et al. Ant system: optimization by a colony of cooperating agents , 1996, IEEE Trans. Syst. Man Cybern. Part B.

[12] Stefan Savage,et al. Inferring Internet denial-of-service activity , 2001, TOCS.