An Anti-Spoofing Method:Reducing Router Memory
Main Article Content
Abstract
Large-scale denial of service (DoS) attacks represent a grave threat to hosts on the computer network.It makes the situation much
worse to use of source IP address spoofing.Efficient method to defend against IP spoofing "The Implicit Token Scheme (ITS)presented in [9],
was demonstrated.The path taken by a packet also used by ITS, which cannot be controlled by the attacker, and binds it to the source IP address
of the same packet to form a token. All valid tokens are stored in a tokens database on border routers.After receiving a packet, the border router
checks the validity of the token it carries by consulting the tokens database.only those packets will be forwarded that carrying valid tokensand
other invalid tokens dropped. Although to maintain state information for thousands of simultaneous connections which could require more
memory than is available on typical routers, ITS requires border routers. In this paper we include a component to ITS to improve its scalability
by using Bloom filters. We show that it is simple to save a substaintial amount of router memory by implementing ITS using Bloom filters, and
it does not impose large strain on routers. We also modify the basic method to allow for it to be incrementally deployed. The efficiency of the
method is demonstrated through simulations by using real world Internet data.
Â
Keywords: Denial of service (DoS), Implicit Token Scheme (ITS),Distributed Denial of Service (DDoS),IP traceback ,Ternary Content
Addressable Memory (TCAM),Router & Border Router .
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.