4. CONTROLLING IP SPOOFING
IP addresses are unique addresses used to identify a node on the network. But the attackers have been able to fake or spoof their IP addresses masquerading as someone else while they do the malicious work, and this in a sense defeats the point of having an address system for uniquely identifying everyone. Thus considerable research is being carried out to detect such digital impostors and reveal at the very least stop them from accessing the resource if the spoofing can’t be stopped. IP spoofing is very popular for reasons like it makes discerning of attack traffic from legit one extremely difficult and it also makes it difficult to pinpoint the true attacker. IP spoofing is used by many DDOS attacks because to the …show more content…
The solution to this problem leverages the same loophole as the one leveraged by attackers; the source address of the packet can be spoofed but the attacker has no control over the route that the packet will take. Hence it is this key observation that made the solution possible, that is analyze what can’t be manipulated by the attacker; the route. Now if a system knows about the best path from a given source to any destination and if it also has some information about the global topology, it can easily analyze the route a packet took and immediately decide if it really originated from the address that it claims to be. If a packet is genuine, it must have followed the best path but if the path is different. It means that the packet originated from somewhere else and that is why it didn’t take the expected best path. The only disadvantage to this system is that it is not feasible on path vector based routing system. A path vector protocol is a computer network routing protocol which maintains the path information that gets updated dynamically. Updates which have looped through the network and returned to the same node are easily detected and discarded [3]. Now current Internet uses BGP which is in essence a path vector …show more content…
The internet consists of a large number of network domains that are called autonomous systems (AS). Autonomous Systems provide internet access to servers and to one another based on the relationships between autonomous systems. These relationships can be broken down into three main categories:
• Provider-Customer relationship: In this relationship the customer pays the provider to carry his/her traffic to and fro the provider’s network. The network providers’ networks are generally quite huge and they offer their networks to carry customer’s traffic in return for fees. An example would be the Internet Service Providers (ISPs) and mobile network companies.
• Peer-to-peer relationship: In this type of relationship two networks agree to carry each other’s traffic and their customer’s traffic. Since they both carry each other’s traffic, they don’t have to pay each other. This is usually done by network systems of about the same sizes and network providers do this to increase their reach to more customers which would have been far more expensive for both providers if they would have tried to do it individually. Many cellphone service providers make contracts to carry each other’s data so that they can provide services to their customers even in regions where they don’t have cell towers but the other company has, and in return they carry the other company’s traffic from regions where the other one doesn’t
IP addresses are unique addresses used to identify a node on the network. But the attackers have been able to fake or spoof their IP addresses masquerading as someone else while they do the malicious work, and this in a sense defeats the point of having an address system for uniquely identifying everyone. Thus considerable research is being carried out to detect such digital impostors and reveal at the very least stop them from accessing the resource if the spoofing can’t be stopped. IP spoofing is very popular for reasons like it makes discerning of attack traffic from legit one extremely difficult and it also makes it difficult to pinpoint the true attacker. IP spoofing is used by many DDOS attacks because to the …show more content…
The solution to this problem leverages the same loophole as the one leveraged by attackers; the source address of the packet can be spoofed but the attacker has no control over the route that the packet will take. Hence it is this key observation that made the solution possible, that is analyze what can’t be manipulated by the attacker; the route. Now if a system knows about the best path from a given source to any destination and if it also has some information about the global topology, it can easily analyze the route a packet took and immediately decide if it really originated from the address that it claims to be. If a packet is genuine, it must have followed the best path but if the path is different. It means that the packet originated from somewhere else and that is why it didn’t take the expected best path. The only disadvantage to this system is that it is not feasible on path vector based routing system. A path vector protocol is a computer network routing protocol which maintains the path information that gets updated dynamically. Updates which have looped through the network and returned to the same node are easily detected and discarded [3]. Now current Internet uses BGP which is in essence a path vector …show more content…
The internet consists of a large number of network domains that are called autonomous systems (AS). Autonomous Systems provide internet access to servers and to one another based on the relationships between autonomous systems. These relationships can be broken down into three main categories:
• Provider-Customer relationship: In this relationship the customer pays the provider to carry his/her traffic to and fro the provider’s network. The network providers’ networks are generally quite huge and they offer their networks to carry customer’s traffic in return for fees. An example would be the Internet Service Providers (ISPs) and mobile network companies.
• Peer-to-peer relationship: In this type of relationship two networks agree to carry each other’s traffic and their customer’s traffic. Since they both carry each other’s traffic, they don’t have to pay each other. This is usually done by network systems of about the same sizes and network providers do this to increase their reach to more customers which would have been far more expensive for both providers if they would have tried to do it individually. Many cellphone service providers make contracts to carry each other’s data so that they can provide services to their customers even in regions where they don’t have cell towers but the other company has, and in return they carry the other company’s traffic from regions where the other one doesn’t