Tracking Down Sources of Spoofed IP Packet
NAME : GOPIKA Y
REG NO : CEK19CS010
BATCH : S7 CSE
GUIDE : Mrs. GEETHU RAJU G
DEPARTMENT OF CSE
COLLEGE OF ENGINEERING,
KOTTARAKKARA
TRACKING DOWN SOURCES OF
SPOOFED IP PACKETS
OVERVIEW
- ABSTRACT
- INTRODUCTION
- EXISTING IP TRACEBACK METHODS
- A NEW APPROACH
- LOCATING SOURCES OF SPOOFED TRAFFIC
- OPERATIONAL CONSIDERATIONS
- CONCLUSION
- REFERENCE
ABSTRACT
- IP spoofing, or IP address spoofing, refers to the creation of Internet Protocol (IP) packets with a false source IP address to impersonate another computer system in order to access sensitive personal information.
- Lack of authentication in the Internet’s data plane allows hosts to falsify (spoof) the source IP address in packet headers, which forms the basis for amplification denial-of-service (DoS) attacks.
- In a DoS attack, hackers use spoofed IP addresses to overwhelm computer servers with packets of data. Several methods exist for tracing these spoofed IP packets, and this presentation discusses them.
INTRODUCTION
IP SPOOFING
- It is a situation in which a person or program successfully masquerades as another by falsifying information/data, thereby gaining an illegitimate advantage.
- Also called IP address forgery or host file hijack.
TYPES OF IP SPOOFING ATTACK
IP spoofing can in turn lead to various attacks:
1. Blind Spoofing
2. Non-Blind Spoofing
3. Man-in-the-middle attack
4. Denial-of-service attack
EXISTING IP TRACEBACK METHODS
Existing IP traceback methods can be categorized as proactive or reactive tracing.
Proactive Tracing: Prepares information for tracing while packets are in transit.
Two proactive methods:
- Packet marking
- Messaging
Reactive Tracing: Starts tracing after an attack is detected.
A NEW APPROACH
- A network operator can estimate the volume of spoofed traffic received at each of its network’s peering links and the set of networks routed toward each peering link (a catchment).
- An operator can change the announcements for an IP prefix to induce changes to routes toward their prefixes and, more importantly, in the catchment of each peering link.
- The catchment changes, in turn, impact the volume of spoofed traffic observed at each peering link.
- In Configuration 1, the operator announces a prefix through three peering links with networks m, n, and p; measures the catchment (colored polygons) and traffic arriving on each peering link; and identifies that the spoofed traffic is concentrated on the link with n, i.e., sent by networks in n’s catchment (red arrow).
- The operator later withdraws the announcement to n (Configuration 2), measures catchments and traffic volumes again, and identifies that the spoofed traffic is now concentrated on the peering link with m.
- Configuration 3 announces the prefix from n again while poisoning AS u (which causes AS u to ignore the route from n and choose the route from p instead). The operator can measure catchments and traffic to identify that the spoofed traffic is concentrated on the peering link with p.
- Finally, the operator can intersect the measured catchments to partition networks into clusters (bottom right), and correlate clusters with observed spoofed traffic (red arrows) to identify that the spoofed traffic is concentrated on networks comprising λ.
LOCATING SOURCES OF SPOOFED TRAFFIC
1. INDUCED ROUTING CHANGES
a) Varying announcement locations
b) Iterative AS-path prepending
c) Targeted AS-path poisoning
2. CORRELATING OBSERVATIONS
3. ESTIMATING VOLUME OF SPOOFED TRAFFIC
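The catchment intersection and correlation steps described for Configurations 1 to 3 can be worked through in code. The Python below is an added example, not code from the slides or the cited paper; the AS labels, per-link spoofed volumes and the `min_share` threshold are constructed, and it assumes the spoofing source stays active across all configurations.

```python
from collections import defaultdict

# Constructed measurements mirroring Configurations 1-3 on the slide.
# Links are m, n, p; AS labels a..h and u are placeholders, with u the poisoned AS.
CONFIGS = [
    {   # Configuration 1: prefix announced via m, n and p
        "catchments": {"m": {"a", "b"},
                       "n": {"c", "d", "e", "f", "u"},
                       "p": {"g", "h"}},
        "spoofed": {"m": 10, "n": 940, "p": 5},
    },
    {   # Configuration 2: announcement to n withdrawn
        "catchments": {"m": {"a", "b", "c", "d", "e", "u"},
                       "p": {"f", "g", "h"}},
        "spoofed": {"m": 900, "p": 20},
    },
    {   # Configuration 3: announced via n again, AS u poisoned
        "catchments": {"m": {"a", "b"},
                       "n": {"c", "f"},
                       "p": {"d", "e", "g", "h", "u"}},
        "spoofed": {"m": 8, "n": 12, "p": 930},
    },
]


def spoofed_links(volumes, min_share=0.2):
    """Links carrying at least min_share of the estimated spoofed volume."""
    total = sum(volumes.values())
    if total == 0:
        return set()
    return {link for link, vol in volumes.items() if vol / total >= min_share}


def partition(configs):
    """Intersect catchments: group ASes by the link they used in each config.

    The signature of an AS is a tuple with one entry per configuration;
    None marks a configuration in which the AS was not measured.
    """
    all_ases = set()
    for cfg in configs:
        for members in cfg["catchments"].values():
            all_ases |= members
    clusters = defaultdict(set)
    for asn in all_ases:
        signature = tuple(
            next((link for link, members in cfg["catchments"].items()
                  if asn in members), None)
            for cfg in configs
        )
        clusters[signature].add(asn)
    return dict(clusters)


def candidate_clusters(configs, min_share=0.2):
    """Clusters whose link saw spoofed traffic in every configuration.

    An unmeasured entry (None) cannot rule a cluster out, so it is kept.
    """
    hot = [spoofed_links(cfg["spoofed"], min_share) for cfg in configs]
    result = []
    for signature, members in partition(configs).items():
        if all(link is None or link in hot_links
               for link, hot_links in zip(signature, hot)):
            result.append((signature, sorted(members)))
    return sorted(result, key=lambda item: item[1])


if __name__ == "__main__":
    for signature, members in candidate_clusters(CONFIGS):
        print("links per configuration:", signature, "-> cluster:", members)
```

Each additional configuration that splits a surviving cluster narrows the candidate set further; a cluster that no configuration splits cannot be resolved below cluster granularity.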
OPERATIONAL CONSIDERATIONS
1. Deployment Requirements
- This technique generates anycast announcements.
- Multiple small networks can cooperate to announce the same prefix and operate as a larger network that controls all of their peering links.
2. Requirements on Spoofed Traffic
- Our techniques can be applied even when the volume of spoofed traffic is small, as they only require information about which peering link is receiving spoofed traffic.
3. Measuring Catchment
- This approach was chosen because PEERING prefixes receive very little traffic and PEERING restricts active probing using its resources.
CONCLUSION
- Our control-plane traceback technique can be deployed today by any network with rich connectivity, without changes to routers, and does not require cooperation from other networks.
- Our results using the PEERING platform indicate that our proposed techniques for generating announcement configurations can effectively manipulate routes and induce catchment changes, making it possible to track down the sources of spoofed traffic.
REFERENCE
[1] Osvaldo Fonseca, Italo Cunha, Elverton Fazzion, Brivaldo Junior, Ronaldo A. Ferreira and Ethan Katz-Bassett, “Tracking Down Sources of Spoofed IP Packets”, in CoNEXT ’19 Companion, December 9–12, 2019, Orlando, FL, USA.
[2] Osvaldo Fonseca, Italo Cunha, Elverton Fazzion, Wagner Meira Jr., Brivaldo Junior, Ronaldo A. Ferreira and Ethan Katz-Bassett, “Identifying Networks Vulnerable to IP Spoofing”, in 2021 IEEE Transactions on Network and Service Management.
[3] Alaaeldin A. Aly and Ezedin Barka, “Tracking and Tracing Spoofed IP Packets to Their Sources”, in 2022, The Sixth Annual U.A.E. Research Conference.
[4] Ayman Mukaddam, Imad Elhajj, Ayman Kayssi and Ali Chehab, “IP Spoofing Detection”, in 2014 IEEE 28th International Conference on Advanced Information Networking and Applications, 512-516, 2014.
THANK YOU
