Tracking Down Sources of Spoofed IP Packet
NAME : GOPIKA Y
REG NO : CEK19CS010
BATCH : S7 CSE
GUIDE : Mrs. GEETHU RAJU G
DEPARTMENT OF CSE
COLLEGE OF ENGINEERING,
KOTTARAKKARA
TRACKING DOWN SOURCES OF
SPOOFED IP PACKETS
OVERVIEW
• ABSTRACT
• INTRODUCTION
• EXISTING IP TRACEBACK METHODS
• A NEW APPROACH
• LOCATING SOURCES OF SPOOFED TRAFFIC
• OPERATIONAL CONSIDERATIONS
• CONCLUSION
• REFERENCE
ABSTRACT
• IP spoofing, or IP address spoofing, refers to the creation of Internet Protocol (IP) packets with a false source IP address to impersonate another computer system in order to access sensitive personal information.
• Lack of authentication in the Internet’s data plane allows hosts to falsify (spoof) the source IP address in packet headers, which forms the basis for amplification denial-of-service (DoS) attacks.
• In a DoS attack, hackers use spoofed IP addresses to overwhelm computer servers with packets of data. Several methods exist to trace these spoofed IP packets, and this presentation discusses them.
INTRODUCTION
IP SPOOFING
• It is a situation in which one person or program successfully masquerades as another by falsifying information/data, thereby gaining an illegitimate advantage.
• Also called IP address forgery or host file hijack.
TYPES OF IP SPOOFING ATTACK
• IP spoofing can in turn lead to various attacks:
1. Blind Spoofing
2. Non-Blind Spoofing
3. Man-in-the-middle attack
4. Denial-of-service attack
EXISTING IP TRACEBACK METHODS
Existing IP traceback methods can be categorized as proactive and reactive tracing.
Proactive Tracing: Prepares information for tracing when packets are in transit.
Two proactive methods:
• Packet marking
• Messaging
Reactive Tracing: Starts tracing after an attack is detected.
A NEW APPROACH
• A network operator can estimate the volume of spoofed traffic received at each of its network’s peering links and the set of networks routed toward each peering link (a catchment).
• An operator can change the announcements for an IP prefix to induce changes to routes toward their prefixes and, more importantly, in the catchment of each peering link.
• The catchment changes, in turn, impact the volume of spoofed traffic observed at each peering link.
• In Configuration 1, the operator announces a prefix through three peering links with networks m, n, and p; measures the catchment (colored polygons) and traffic arriving on each peering link; and identifies that the spoofed traffic is concentrated on the link with n, i.e., sent by networks in n’s catchment (red arrow).
• The operator later withdraws the announcement to n (Configuration 2), measures catchments and traffic volumes again, and identifies that the spoofed traffic is now concentrated on the peering link with m.
• Configuration 3 announces the prefix from n again, but poisons AS u (which causes AS u to ignore the route from n and choose the route from p instead). The operator can measure catchments and traffic to identify that the spoofed traffic is concentrated on the peering link with p.
• Finally, the operator can intersect the measured catchments to partition networks into clusters (bottom right), and correlate clusters with observed spoofed traffic (red arrows) to identify that the spoofed traffic is concentrated on networks comprising λ.
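The catchment intersection and correlation described above, as an added example that is not taken from the slides or the cited paper. Link names m, n and p follow the slide; the AS numbers (documentation range), catchment memberships and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample measurements. Link names m, n, p follow the slide; the AS
# numbers (documentation range) and catchment memberships are invented.
CONFIGS = [
    {  # Configuration 1: prefix announced through m, n and p
        "catchments": {
            "m": {64496, 64497},
            "n": {64498, 64499, 64500, 64501, 64504},
            "p": {64502, 64503},
        },
        "spoofed_links": {"n"},
    },
    {  # Configuration 2: announcement to n withdrawn
        "catchments": {
            "m": {64496, 64497, 64498, 64499, 64504},
            "p": {64500, 64501, 64502, 64503},
        },
        "spoofed_links": {"m"},
    },
    {  # Configuration 3: announced from n again, with one AS poisoned
        "catchments": {
            "m": {64496, 64497},
            "n": {64498, 64500},
            "p": {64499, 64501, 64502, 64503, 64504},
        },
        "spoofed_links": {"p"},
    },
]


def partition(configs):
    """Intersect catchments: group networks by the link they used in each configuration."""
    signature = defaultdict(list)
    for idx, cfg in enumerate(configs):
        seen = set()
        for link, networks in cfg["catchments"].items():
            overlap = seen & networks
            if overlap:
                # A network routes to exactly one link per configuration.
                raise ValueError(f"config {idx + 1}: {sorted(overlap)} in two catchments")
            seen |= networks
            for asn in networks:
                sig = signature[asn]
                sig.extend([None] * (idx - len(sig)))  # pad configs where unmeasured
                sig.append(link)
    clusters = defaultdict(set)
    for asn, sig in signature.items():
        sig.extend([None] * (len(configs) - len(sig)))
        clusters[tuple(sig)].add(asn)
    return dict(clusters)


def candidate_clusters(configs):
    """Keep clusters whose link carried spoofed traffic in every configuration.

    A None entry (network not measured in that configuration) cannot rule a
    cluster out, so it is treated as consistent.
    """
    result = {}
    for sig, members in partition(configs).items():
        if all(link is None or link in cfg["spoofed_links"]
               for link, cfg in zip(sig, configs)):
            result[sig] = members
    return result


def narrowing(configs):
    """Number of candidate networks left after each additional configuration."""
    return [
        sum(len(members) for members in candidate_clusters(configs[:k]).values())
        for k in range(1, len(configs) + 1)
    ]


if __name__ == "__main__":
    for sig, members in candidate_clusters(CONFIGS).items():
        print("candidate cluster", sig, sorted(members))
    print("candidates after each configuration:", narrowing(CONFIGS))
```

Each extra configuration splits the clusters further, so the set of networks that could be sending the spoofed traffic shrinks with every measurement round.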
LOCATING SOURCES OF SPOOFED TRAFFIC
1. INDUCED ROUTING CHANGES
a) Varying announcement locations
b) Iterative AS-path prepending
c) Targeted AS-path poisoning
2. CORRELATING OBSERVATIONS
3. ESTIMATING VOLUME OF SPOOFED TRAFFIC
OPERATIONAL CONSIDERATIONS
1. Deployment Requirements
• This technique generates anycast announcements.
• Multiple small networks can cooperate to announce the same prefix and operate as a larger network that controls all of their peering links.
2. Requirements on Spoofed Traffic
• Our techniques can be applied even when the volume of spoofed traffic is small, as they only require information about which peering link is receiving spoofed traffic.
3. Measuring Catchment
• This approach was chosen because PEERING prefixes receive very little traffic and PEERING restricts active probing using its resources.
CONCLUSION
• Our control-plane traceback technique can be deployed by any network with rich connectivity today, without changes to routers, and does not require cooperation from other networks.
• Our results using the PEERING platform indicate that our proposed techniques to generate announcement configurations can effectively manipulate routes and induce catchment changes, making it possible to track down the sources of spoofed traffic.
REFERENCE
[1] Osvaldo Fonseca, Italo Cunha, Elverton Fazzion, Brivaldo Junior, Ronaldo A. Ferreira and Ethan Katz-Bassett, “Tracking Down Sources of Spoofed IP Packets”, in CoNEXT ’19 Companion, December 9–12, 2019, Orlando, FL, USA.
[2] Osvaldo Fonseca, Italo Cunha, Elverton Fazzion, Wagner Meira Jr., Brivaldo Junior, Ronaldo A. Ferreira and Ethan Katz-Bassett, “Identifying Networks Vulnerable to IP Spoofing”, in 2021 IEEE Transactions on Network and Service Management.
[3] Alaaeldin A. Aly and Ezedin Barka, “Tracking and Tracing Spoofed IP Packets to Their Sources”, in 2022, The Sixth Annual U.A.E. Research Conference.
[4] Ayman Mukaddam, Imad Elhajj, Ayman Kayssi and Ali Chehab, “IP Spoofing Detection”, in 2014 IEEE 28th International Conference on Advanced Information Networking and Applications, 512-516, 2014.
THANK YOU
