The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

A scalable method to protect from IP spoofing

A scalable method to protect from IP spoofing
A scalable method to protect from IP spoofing

Denial of Service (DoS) attacks present a serious problem for Internet communications. The problem is aggravated when the attacker(s) spoof their IP addresses. The Implicit Token Scheme (ITS), presented in [5], is an efficient method to defend against IP spoofing. ITS, however, requires perimeter routers to maintain state information for thousands of simultaneous connections. In this paper we add a component to ITS to improve its scalability using Bloom filters. It is found that implementing ITS using Bloom filters is simple, saves a substantial amount of router memory, and does not impose large strain on routers. The efficiency of the method is demonstrated through simulations by using real-world Internet data.

Bloom filters, Denial of service, IP spoofing
569-572
Farhat, Hikmat
4b7583f4-d03c-425e-a65a-82c0e157e7e6
Farhat, Hikmat
4b7583f4-d03c-425e-a65a-82c0e157e7e6

Farhat, Hikmat (2008) A scalable method to protect from IP spoofing. In 1st International Conference on the Applications of Digital Information and Web Technologies, ICADIWT 2008. pp. 569-572 . (doi:10.1109/ICADIWT.2008.4664411).

Record type: Conference or Workshop Item (Paper)

Abstract

Denial of Service (DoS) attacks present a serious problem for Internet communications. The problem is aggravated when the attacker(s) spoof their IP addresses. The Implicit Token Scheme (ITS), presented in [5], is an efficient method to defend against IP spoofing. ITS, however, requires perimeter routers to maintain state information for thousands of simultaneous connections. In this paper we add a component to ITS to improve its scalability using Bloom filters. It is found that implementing ITS using Bloom filters is simple, saves a substantial amount of router memory, and does not impose large strain on routers. The efficiency of the method is demonstrated through simulations by using real-world Internet data.

This record has no associated files available for download.

More information

Published date: 31 October 2008
Venue - Dates: 1st International Conference on the Applications of Digital Information and Web Technologies, ICADIWT 2008, , Ostrava, Czech Republic, 2008-08-04 - 2008-08-06
Keywords: Bloom filters, Denial of service, IP spoofing

Identifiers

Local EPrints ID: 492298
URI: http://eprints.soton.ac.uk/id/eprint/492298
DOI: doi:10.1109/ICADIWT.2008.4664411
PURE UUID: 52248357-1a43-4be4-b6d0-7126a0776a71
ORCID for Hikmat Farhat: ORCID iD orcid.org/0000-0002-5043-227X

Catalogue record

Date deposited: 23 Jul 2024 17:12
Last modified: 24 Jul 2024 02:06

Export record

Altmetrics

Contributors

Author: Hikmat Farhat ORCID iD

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×