An Anti-Spoofing Method:Reducing Router Memory

Main Article Content

Er.Divyendu Kumar Mishra
Kulvinder Singh Handa


Large-scale denial of service (DoS) attacks represent a grave threat to hosts on the computer network.It makes the situation much
worse to use of source IP address spoofing.Efficient method to defend against IP spoofing "The Implicit Token Scheme (ITS)presented in [9],
was demonstrated.The path taken by a packet also used by ITS, which cannot be controlled by the attacker, and binds it to the source IP address
of the same packet to form a token. All valid tokens are stored in a tokens database on border routers.After receiving a packet, the border router
checks the validity of the token it carries by consulting the tokens database.only those packets will be forwarded that carrying valid tokensand
other invalid tokens dropped. Although to maintain state information for thousands of simultaneous connections which could require more
memory than is available on typical routers, ITS requires border routers. In this paper we include a component to ITS to improve its scalability
by using Bloom filters. We show that it is simple to save a substaintial amount of router memory by implementing ITS using Bloom filters, and
it does not impose large strain on routers. We also modify the basic method to allow for it to be incrementally deployed. The efficiency of the
method is demonstrated through simulations by using real world Internet data.


Keywords: Denial of service (DoS), Implicit Token Scheme (ITS),Distributed Denial of Service (DDoS),IP traceback ,Ternary Content
Addressable Memory (TCAM),Router & Border Router .


Download data is not yet available.

Article Details