Spoofing Attacks on Packets And Methods For Detection And Prevention Of Spoofed Packets
Abstract
In a spoofing attack, the attacker creates misleading context in order to trick the victim into making an inappropriate security-relevant decision. A spoofing attack is like a con game: the attacker sets up a false but convincing world around the victim. The victim does something that would be appropriate if the false world were real. Unfortunately, activities that seem reasonable in the false world may have disastrous effects in the real world. Spoofing attacks are possible in the physical world as well as the electronic one. For example, there have been several incidents in which criminals set up bogus automated-teller machines (ATM), typically in the public areas of shopping malls.  The machines would accept ATM cards and ask the person to enter their PIN code. Once the machine had the victim’s PIN, it could either eat the card or “malfunction†and return the card. In either case, the criminals had enough information to copy the victim’s card and use the duplicate. In these attacks, people were fooled by the context they saw: the location of the machines, their size and weight, the way they were decorated, and the appearance of their electronic displays. In this Research we discus spoofing attacks and detection methods of spoofing attacks.
Keywords
References
T. Aura and P. Nikander. Stateless connections. Proc.International Conference on Information
and Communications Security (ICICS’97), Beijing, China, 1997.
S. Bellovin. Using the Domain Name System for System Break-ins. Proc. of the 5th UNIX
Security Symposium, pp.199-208, June 1995.
S. Bellovin. Security Problems in the TCP/IP Protocol Suite. Computer Communications Review, vol. 19, no. 2, pp. 32-48, April 1989.
H. Chang, R. Narayan, S. Wu, B. Vetter, X. Wang, M. Brown, J. Yuill, C. Sargor, F. Jou, and F. Gong. DECIDUOUS: decentralized source identification for network-based intrusions. Proc. of the Sixth IFIP/IEEE International Symposium on Integrated Network Management May 1999.
] H. Chang, S. Wu and Y. Jou. "Real-Time Protocol Analysis for Detecting Link-State Routing Protocol Attacks". ACM Transaction on Information and System Security (TISSEC), Feb. 2001.
L. T. Heberlein and M. Bishop. Attack Class: Address Spoofing. Proc. of the 19th National Information Systems Security Conference, pages 371-377, October 1996.
L. Joncheray. A Simple Active Attack Against TCP. Proc. Fifth Usenix UNIX Security Symposium, 1995.
F. Lau, S. H. Rubin, M. H. Smith, and Lj. Trajkovic. Distributed denial of service attacks. Proc. 2000 IEEE Int. Conf. on Systems, Man, and Cybernetics, Nashville, TN, pp. 2275-2280, October 2000.
V. Paxson. End-to-end Routing Behavior in the Internet. to appear in Proc. SIGCOMM '96, August 1996.
S. Savage, D. Wetherall, A. Karlin, and T. Anderson. Practical network support for IP traceback. Proc. of the 2000 ACM SIGCOMM Conference, August 2000.
C. Schuba and E. Spafford. Countering abuse of name-based authentication. Proc. 22nd Annual Telecommunications Policy Research Conference, 1996.
D. Schnackenberg, K. Djahandari., and D. Sterne. Infrastructure for Intrusion Detection and Response. Proc. of the DARPA Information Survivability Conference and Exposition (DISCEX '00), 2000.
S. Staniford-Chen and L. T. Heberlein. Holding Intruders Accountable on the Internet. Proc. of the 1995 IEEE Symposium on Security and Privacy, Oakland, CA, pages 39-49, May 1995.
S. Templeton and K. Levitt. A Requires/Provides Model for Computer Attacks. Proc. of the New Security Paradigms Workshop 2000, Cork Ireland, September 2000.
J. Postel. RFC 791: DARPA Internet Program Protocol Specification. http://www.ietf.org/rfc/rfc791, September 1981.
M. Zalewski. Strange Attractors and TCP/IP Sequence Number Analysis. http://razor.bindview.com/publish/papers/tcpseq.html,
S. Templeton and K. Levitt. A Requires/Provides Model for Computer Attacks. Proc. of the New Security Paradigms Workshop 2000, Cork Ireland, September 2000.
. G. Kanwal, & Rshma, C. , "Detection of DDoS Attacks Using Data Mining," International Journal of Computing and Business Research (IJCBR), vol. 2, pp. 1-10., 2011.
Refbacks
- There are currently no refbacks.
Copyright © 2013, All rights reserved.| ijseat.com
International Journal of Science Engineering and Advance Technology is licensed under a Creative Commons Attribution 3.0 Unported License.Based on a work at IJSEat , Permissions beyond the scope of this license may be available at http://creativecommons.org/licenses/by/3.0/deed.en_GB.
Â