IP address spoofing – Knowledge and References

Explore chapters and articles related to this topic

Review of Layer 2 and Layer 3 Forwarding

Published in James Aweya, Designing Switch/Routers, 2023

The data or forwarding plane also plays a key role in the implementation of a number of network security mechanisms. It is now common knowledge that IP address spoofing may occur during a denial-of-service (DoS) attack. IP spoofing allows an intruder or malicious user to send IP packets to a destination with the intent of disguising it as genuine traffic, when in fact the packets are malicious and not actually genuine and should not be forwarded to the destination. This type of spoofing is harmful because it consumes network and destination host resources, and sometimes can bring down the operations of the network and the destination. Unicast Reverse Path Forwarding (uRPF) check [RFC3704] is a tool used to reduce the forwarding of IP packets that may be carrying spoofed IP addresses.

Detection of distributed denial of service attack in cloud computing using the optimization-based deep networks

View Article

Journal Information

Published in Journal of Experimental & Theoretical Artificial Intelligence, 2021

S. Velliangiri, P. Karthikeyan, V. Vinoth Kumar

The challenges prevailing in most of the existing techniques of attack detection involve: Adversaries in the nodes may hold passive and active accesses to secret information, and this can lead to the eavesdropping or DoS attacks. The presence of attack in the environment may lead to system overload and packet collisions causing, in both cases, additional loss.Security-related issues in cloud nodes depend on its Confidentiality, Integrity, and Availability (CIA) parameters. The service availability of the nodes can be severely affected due to the DDoS attack. The DDoS attack access to the various resource pool, and creates exhaustion to the computing resources for the legitimate users. One of the common attributes in the DDOS is the IP address spoofing.The resource limitation of mobile devices is an obstacle for executing the computationally intensive operations involved in computationally secure schemes. Therefore, there is a need for the security schemes that provide security services with minimum processing, storage, and communication overhead on a mobile device.An end-to-end communication paradigm led to locating most of the intelligence needed for service guarantees with end hosts. At the same time, a desire for large throughput has led to the design of high bandwidth pathways in the intermediate network. Thus, malicious clients can misuse the abundant resources of the unwitting network for the delivery of numerous messages to a victim.The DDoS attack is a type of intrusion that exhausts the resources and services of an individual or organisation by sending useless traffic so that legitimate users are not able to avail of the services. DDoS attackers mask their identity by compromising many victim machines and use them to mimic legitimate network traffic, making it very difficult to identify.