Title :
Packet Filtering Based on Source Router Marking and Hop-Count
Author :
Ali, Kashif ; Zulkernine, Mohammad ; Hassanein, Hossam
Author_Institution :
Queen's Univ. Kingston, Kingston
Abstract :
Denial of service (DoS) attacks impose an increasingly growing threat to the Internet. These attacks result in wastage of scarce Internet resources and service disruptions. Existing packet filtering schemes are deployable at either source, intermediate or victim networks. In this paper, we propose a hybrid of the source and the victim networks-based packet filtering approach, source router marking and hop-count (SRHC), to detect and filter high-rate traffic flows and IP-spoofing attacks. Packets are marked at the source network based on their arrival rate threshold. At a victim network, the spoofed packets are marked based on the IP source arrival rate using their respective TTL value. Both source and victim networks collaborate to filter high-rate and IP-spoofing attacks. The ns-2 simulator is used to generate attack scenarios. Our simulation results show that the SRHC scheme effectively filters out high-rate and IP-spoofing attack packets, with minimal collateral damage.
Keywords :
IP networks; Internet; telecommunication network routing; telecommunication traffic; DoS; IP source arrival rate; IP-spoofing attacks; Internet; TTL value; arrival rate threshold; denial of service; filter high-rate traffic flows; source network; source router marking and hop-count; victim networks-based packet filtering; Collaboration; Computer crime; Computer networks; Frequency; IP networks; Information filtering; Information filters; Protection; Telecommunication traffic; Web and internet services;
Conference_Titel :
Local Computer Networks, 2007. LCN 2007. 32nd IEEE Conference on
Conference_Location :
Dublin
Print_ISBN :
0-7695-3000-1
Electronic_ISBN :
0742-1303
DOI :
10.1109/LCN.2007.128