Přístupnostní navigace
E-přihláška
Vyhledávání Vyhledat Zavřít
Detail publikace
KOVÁČIK, M. KAJAN, M. ŽÁDNÍK, M.
Originální název
Detecting IP-spoofing by modelling history of IP address entry points
Typ
článek ve sborníku mimo WoS a Scopus
Jazyk
angličtina
Originální abstrakt
Since most of the networks do not apply source IP filtering rules to its outgoing traffic an attacker may insert an arbitrary source IP address in an outgoing packet, so called IP-spoofing. This paper elaborates on a possibility to detect IP spoofing in networks with more than one entry point. A novel detection scheme is proposed. It is based on an analysis of NetFlow data collected at the entry points.The scheme assumes that the network traffic originating from a certain source network enters the observed network via relatively stable set of points which is lower than the total number of entry points. The scheme has been tested on data from a real network.
Klíčová slova
IP spoofing detection, entry points, network modeling
Autoři
KOVÁČIK, M.; KAJAN, M.; ŽÁDNÍK, M.
Rok RIV
2013
Vydáno
25. 6. 2013
Nakladatel
Springer Verlag
Místo
Barcelona
ISBN
978-3-642-38997-9
Kniha
Emerging Management Mechanisms for the Future Internet
Edice
Lecture Notes in Computer Science
ISSN
0302-9743
Periodikum
Ročník
7943
Číslo
06
Stát
Spolková republika Německo
Strany od
73
Strany do
83
Strany počet
11
URL
https://www.fit.vut.cz/research/publication/10271/
BibTex
@inproceedings{BUT103465, author="Michal {Kováčik} and Michal {Kajan} and Martin {Žádník}", title="Detecting IP-spoofing by modelling history of IP address entry points", booktitle="Emerging Management Mechanisms for the Future Internet", year="2013", series="Lecture Notes in Computer Science", journal="Lecture Notes in Computer Science", volume="7943", number="06", pages="73--83", publisher="Springer Verlag", address="Barcelona", doi="10.1007/978-3-642-38998-6\{_}9", isbn="978-3-642-38997-9", issn="0302-9743", url="https://www.fit.vut.cz/research/publication/10271/" }