Preventing Utilization of Shared Network  Resources by Detecting IP Spoofing Attacks  through Validation of source IP Address

Simba, Fatuma; Lema, Hussein; Ally, Abdullah

Preventing Utilization of Shared Network Resources by Detecting IP Spoofing Attacks through Validation of source IP Address

Files

ISTAfrica_FinalPaper_ref_091_XploreISBN.pdf (684.83 KB)

Date

2018-05

Authors

Simba, Fatuma

Lema, Hussein

Ally, Abdullah

Publisher

IST-Africa 2018 Conference Proceedings

Abstract

Network intruders may spoof IP packets by modifying headers of the IP packets in order to fool people to believe that the transmissions are originating from trusted source. Consequently, various defencing mechanisms have been developed to identify and prevent IP spoofing attacks. However, most of them were implemented on either hosts or routers levels which utilizes a lot of shared resources on the networks during the attacking process. On the contrary, this paper proposes an algorithm for validating source IP address by using Layer Three Switches (L3S) in a Local Area Network (LAN), which means that the IP spoofing attacks will be identified and prevented without utilizing shared network resources. The study employed Mininet network emulator, POX controller, L3S, packets analyzer, and packet constructor to design and develop the algorithm. Results have shown that the algorithm was capable of detecting and preventing IP spoofed packets on LAN before L3S forward them to a target, and eventually an attacker was identified by using his/her MAC address.

Keywords

Media Access Control (MAC), POX controller, Mininet, Layer Three Switch (L3S), spoofing packet

URI

http://hdl.handle.net/20.500.11810/5270

Collections

Department of Computer Science and Engineering

Full item page