Paper Presentation & Seminar Topics: Controlling IP Spoofing through Inter domain Packet Filters

Controlling IP Spoofing through Inter domain Packet Filters


The Distributed Denial-of-Service (DDoS) attack is a serious threat to the legitimate use of the Internet. Prevention mechanisms are thwarted by the ability of attackers to forge or spoof the source addresses in IP packets. By employing IP spoofing, attackers can evade detection and put a substantial burden on the destination network for policing attack packets. In this paper, we propose an interdomain packet filter (IDPF) architecture that can mitigate the level of IP spoofing on the Internet. A key feature of our scheme is that it does not require global routing information. IDPFs are constructed from the information implicit in Border Gateway Protocol (BGP) route updates and are deployed in network border routers. We establish the conditions under which the IDPF framework correctly works in that it does not discard packets with valid source addresses. Based on extensive simulation studies, we show that, even with partial deployment on the Internet, IDPFs can proactively limit the spoofing capability of attackers. In addition, they can help localize the origin of an attack packet to a small number of candidate networks.

Existing System:-

• IP Spoofing has been used to filter the packets but there is a possibility of missing the packets while spoofing.

Proposed System:-

• Inter domain packet filters has been used to filter the packets.

• IDPF (Inter Domain Packet Filter) rely on BGP update messages exchanged on the Internet to infer the validity of source address of a packet forwarded by a neighbor.

• IDPF framework can correctly work without discarding any valid packets.

Hardware Specification:
Processor : Pentium Iv 2.6 Ghz
Ram : 512 Mb Dd Ram
Monitor : 15” Color
Hard Disk : 20 Gb

Software Specification:
Front End : Java, Swing
Tools Used : JFrameBuilder
Operating System: WindowsXP