Tracking Down Sources of Spoofed IP Packet
NAME : GOPIKA Y
REG NO : CEK19CS010
BATCH : S7 CSE
GUIDE : Mrs. GEETHU RAJU G
DEPARTMENT OF CSE
COLLEGE OF ENGINEERING,
KOTTARAKKARA
TRACKING DOWN SOURCES OF
SPOOFED IP PACKETS
OVERVIEW
• ABSTRACT
• INTRODUCTION
• EXISTING IP TRACEBACK METHODS
• A NEW APPROACH
• LOCATING SOURCES OF SPOOFED TRAFFIC
• OPERATIONAL CONSIDERATIONS
• CONCLUSION
• REFERENCE
ABSTRACT
• IP spoofing, or IP address spoofing, refers to the creation of Internet Protocol (IP) packets with a false source IP address to impersonate another computer system in order to access sensitive personal information.
• Lack of authentication in the Internet’s data plane allows hosts to falsify (spoof) the source IP address in packet headers, which forms the basis for amplification denial-of-service (DoS) attacks.
• In a DoS attack, hackers use spoofed IP addresses to overwhelm computer servers with packets of data. Several methods exist for tracing these spoofed IP packets, and this presentation discusses them.
INTRODUCTION
IP SPOOFING
• It is a situation in which one person or program successfully masquerades as another by falsifying information/data and thereby gaining an illegitimate advantage.
• Also called IP address forgery or host file hijack.
TYPES OF IP SPOOFING ATTACK
• IP spoofing can in turn lead to various attacks:
1. Blind Spoofing
2. Non-Blind Spoofing
3. Man-in-the-middle attack
4. Denial-of-service attack
EXISTING IP TRACEBACK METHODS
Existing IP traceback methods can be categorized as proactive or reactive tracing.
Proactive Tracing: Prepares information for tracing while packets are in transit.
Two proactive methods:
• Packet marking
• Messaging
Reactive Tracing: Starts tracing after an attack is detected.
A NEW APPROACH
• A network operator can estimate the volume of spoofed traffic received at each of its network’s peering links and the set of networks routed toward each peering link (a catchment).
• An operator can change the announcements for an IP prefix to induce changes to routes toward their prefixes and, more importantly, in the catchment of each peering link.
• The catchment changes, in turn, impact the volume of spoofed traffic observed at each peering link.
• In Configuration 1, the operator announces a prefix through three peering links with networks m, n, and p; measures the catchment (colored polygons) and traffic arriving on each peering link; and identifies that the spoofed traffic is concentrated on the link with n, i.e., sent by networks in n’s catchment (red arrow).
• The operator later withdraws the announcement to n (Configuration 2), measures catchments and traffic volumes again, and identifies that the spoofed traffic is now concentrated on the peering link with m.
• Configuration 3 announces the prefix through n again, but poisons AS u (which causes AS u to ignore the route from n and choose the route from p instead). The operator can measure catchments and traffic to identify that the spoofed traffic is concentrated on the peering link with p.
• Finally, the operator can intersect the measured catchments to partition networks into clusters (bottom right), and correlate clusters with observed spoofed traffic (red arrows) to identify that the spoofed traffic is concentrated on the networks comprising λ.
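The catchment intersection described in the three configurations above, as an added example (not code from the slides or the cited paper). Link names m, n, p and AS u follow the slide; the other AS labels, all catchment memberships, and the function names are constructed for illustration. It assumes one spoofing source cluster that sends traffic in every configuration.

```python
from collections import defaultdict

# Constructed sample data. Link names m, n, p and AS u follow the slide;
# the other AS labels and every catchment are invented for illustration.
CONFIGS = [
    {   # Configuration 1: prefix announced on m, n and p
        "catchments": {"m": {"a", "b"}, "n": {"c", "u", "v", "x"}, "p": {"d", "w"}},
        "spoofed_links": {"n"},
    },
    {   # Configuration 2: announcement to n withdrawn
        "catchments": {"m": {"a", "b", "u", "v", "x"}, "p": {"c", "d", "w"}},
        "spoofed_links": {"m"},
    },
    {   # Configuration 3: announced on n again, poisoning AS u
        "catchments": {"m": {"a", "b"}, "n": {"c", "v"}, "p": {"d", "w", "u", "x"}},
        "spoofed_links": {"p"},
    },
]


def signatures(configs):
    """Map each AS to the tuple of links it was routed to, one per configuration.
    None marks a configuration in which the AS appeared in no measured catchment."""
    all_ases = set()
    for cfg in configs:
        for members in cfg["catchments"].values():
            all_ases |= members
    sig = {asn: [None] * len(configs) for asn in all_ases}
    for i, cfg in enumerate(configs):
        for link, members in cfg["catchments"].items():
            for asn in members:
                if sig[asn][i] is not None:
                    raise ValueError(f"{asn} is in two catchments in configuration {i + 1}")
                sig[asn][i] = link
    return {asn: tuple(s) for asn, s in sig.items()}


def clusters(configs):
    """Intersect catchments: ASes with identical signatures cannot be told apart."""
    groups = defaultdict(set)
    for asn, sig in signatures(configs).items():
        groups[sig].add(asn)
    return dict(groups)


def candidate_sources(configs):
    """ASes in clusters consistent with the observations: in every configuration
    the cluster's link carried spoofed traffic. An unmeasured link (None) cannot
    rule a cluster out, so it is treated as consistent."""
    keep = set()
    for sig, members in clusters(configs).items():
        if all(link is None or link in cfg["spoofed_links"]
               for link, cfg in zip(sig, configs)):
            keep |= members
    return keep


def narrowing(configs):
    """Size of the candidate set after each additional configuration."""
    return [len(candidate_sources(configs[:k])) for k in range(1, len(configs) + 1)]


if __name__ == "__main__":
    print(sorted(candidate_sources(CONFIGS)))  # ['u', 'x']
    print(narrowing(CONFIGS))                  # [4, 3, 2]
```

Each added configuration splits the clusters further, so the candidate set shrinks from four ASes to the two that share the signature (n, m, p).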
LOCATING SOURCES OF SPOOFED TRAFFIC
1. INDUCED ROUTING CHANGES
a) Varying announcement locations
b) Iterative AS-path prepending
c) Targeted AS-path poisoning
2. CORRELATING OBSERVATIONS
3. ESTIMATING VOLUME OF SPOOFED TRAFFIC
OPERATIONAL CONSIDERATIONS
1. Deployment Requirements
• This technique generates anycast announcements.
• Multiple small networks can cooperate to announce the same prefix and operate as a larger network that controls all of their peering links.
2. Requirements on Spoofed Traffic
• Our techniques can be applied even when the volume of spoofed traffic is small, as they only require information about which peering link is receiving spoofed traffic.
3. Measuring Catchment
• This approach was chosen because PEERING prefixes receive very little traffic and PEERING restricts active probing using its resources.
CONCLUSION
• Our control-plane traceback technique can be deployed by any network with rich connectivity today, without changes to routers, and does not require cooperation from other networks.
• Our results using the PEERING platform indicate that our proposed techniques to generate announcement configurations can effectively manipulate routes and induce catchment changes, making it possible to track down the sources of spoofed traffic.
REFERENCE
[1] Osvaldo Fonseca, Italo Cunha, Elverton Fazzion, Brivaldo Junior, Ronaldo A. Ferreira and Ethan Katz-Bassett, “Tracking Down Sources of Spoofed IP Packets”, in CoNEXT ’19 Companion, December 9–12, 2019, Orlando, FL, USA.
[2] Osvaldo Fonseca, Italo Cunha, Elverton Fazzion, Wagner Meira Jr., Brivaldo Junior, Ronaldo A. Ferreira and Ethan Katz-Bassett, “Identifying Networks Vulnerable to IP Spoofing”, IEEE Transactions on Network and Service Management, 2021.
[3] Alaaeldin A. Aly and Ezedin Barka, “Tracking and Tracing Spoofed IP Packets to Their Sources”, The Sixth Annual U.A.E. Research Conference, 2022.
[4] Ayman Mukaddam, Imad Elhajj, Ayman Kayssi and Ali Chehab, “IP Spoofing Detection”, in 2014 IEEE 28th International Conference on Advanced Information Networking and Applications, pp. 512-516, 2014.