Faculty of Information Technology, BUT

Publication Details

Detecting IP-spoofing by modelling history of IP address entry points

KOVÁČIK Michal, KAJAN Michal and ŽÁDNÍK Martin. Detecting IP-spoofing by modelling history of IP address entry points. In: Emerging Management Mechanisms for the Future Internet. Lecture Notes in Computer Science, vol. 7943. Barcelona: Springer Verlag, 2013, pp. 73-83. ISBN 978-3-642-38997-9. ISSN 0302-9743.
Czech title
Detekce IP-spoofingu modelováním historie vstupních bodů IP adres
Type
conference paper
Language
english
Authors
Kováčik Michal, Ing. (DCSY FIT BUT)
Kajan Michal, Ing. (DCSY FIT BUT)
Žádník Martin, Ing., Ph.D. (DCSY FIT BUT)
Keywords
IP spoofing detection, entry points, network modeling
Abstract
Since most of the networks do not apply source IP filtering rules to its outgoing traffic an attacker may insert an arbitrary source IP address in an outgoing packet, so called IP-spoofing.
This paper elaborates on a possibility to detect IP spoofing in networks with more than one entry point. A novel detection scheme is proposed. It is based on an analysis of NetFlow data collected at the entry points.The scheme assumes that the network traffic originating from a certain source network enters the observed network via relatively stable set of points which is lower than the total number of entry points.
The scheme has been tested on data from a real network.
Published
2013
Pages
73-83
Journal
Lecture Notes in Computer Science, vol. 7943, no. 6, ISSN 0302-9743
Proceedings
Emerging Management Mechanisms for the Future Internet
Series
Lecture Notes in Computer Science
Conference
7th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management and Security, UPC Barcelona, Spain, ES
ISBN
978-3-642-38997-9
Publisher
Springer Verlag
Place
Barcelona, ES
DOI
BibTeX
@INPROCEEDINGS{FITPUB10271,
   author = "Michal Kov\'{a}\v{c}ik and Michal Kajan and Martin \v{Z}\'{a}dn\'{i}k",
   title = "Detecting IP-spoofing by modelling history of IP address entry points",
   pages = "73--83",
   booktitle = "Emerging Management Mechanisms for the Future Internet",
   series = "Lecture Notes in Computer Science",
   journal = "Lecture Notes in Computer Science",
   volume = 7943,
   number = 06,
   year = 2013,
   location = "Barcelona, ES",
   publisher = "Springer Verlag",
   ISBN = "978-3-642-38997-9",
   ISSN = "0302-9743",
   doi = "10.1007/978-3-642-38998-6\_9",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/10271"
}
Files
Back to top