Browse > Article
http://dx.doi.org/10.13089/JKIISC.2015.25.1.147

A study on the detection of DDoS attack using the IP Spoofing  

Seo, Jung-Woo (Korea University)
Lee, Sang-Jin (Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.25, no.1, 2015 , pp. 147-153 More about this Journal
Abstract
Since the DoS(Denial of Service) attack is still an important vulnerable element in many web service sites, sites including public institution should try their best in constructing defensive systems. Recently, DDoS(Distributed Denial of Service) has been raised by prompting mass network traffic that uses NTP's monlist function or DoS attack has been made related to the DNS infrastructure which is impossible for direct defense. For instance, in June 2013, there has been an outbreak of an infringement accident where Computing and Information Agency was the target. There was a DNS application DoS attack which made the public institution's Information System impossible to run its normal services. Like this, since there is a high possibility in having an extensive damage due to the characteristics of DDoS in attacking unspecific information service and not being limited to a particular information system, efforts have to be made in order to minimize cyber threats. This thesis proposes a method for using TTL (Time To Live) value in IP header to detect DDoS attack with IP spoofing, which occurs when data is transmitted under the agreed regulation between the international and domestic information system.
Keywords
DDoS; IP Spoofing; Vulnerablilty; HCF;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Wang, Haining, Cheng Jin, and Kang G. Shin. "Defense against spoofed IP traffic using hop-count filtering," IEEE/ACM Transactions on Networking, pp. 40-53, Sep. 2007.
2 Korea Internet & Security Agency, "Study on the Method of a spoofed IP detection about the DDoS attack," 2013.
3 K.Park, H.Lee, "On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack," Department of Computer Sciences, Purdue University, 2000.
4 D.Song, A. Perrig, "Advanced and Authenticated Marking Schemes for IP Traceback," IEEE INFO COM 2001, 2001.
5 M. Adler, "Tradeoffs in Probabilistic Packet Marking for IP Traceback," Department of Computer Science, University of Masachusetts, 2001.
6 G. S. Savage, D. Wetherall, A. Karlin, and T. Anderson, "Network support for IP traceback," IEEE/ACM Trans. Networking, vol.9, pp. 226-237, June 2001.   DOI
7 T. Peng, C. Leckie, and K. Ramamo hanarao, "Adjusted probabilistic packet marking for IP traceback," in Proc. Networking, May 2002, pp. 697- 708, 2002.
8 M. Adler, "Tradeoffs in probabilistic packet marking for IP traceback," Proc. 34th ACM Symp. Theory of Computing (STOC), pp. 407-418, May 2002.
9 S. S. Rana and T. M. Bansod, "IP Spoofing Attack Detection using Route Based Information," in International Journal of Advanced Research in Computer Engineering & Technology, ISSN: 2278-1323, Volume 1, Issue 4, June 2012.