This Constructing IDPFs using BGP Updates to Control IP Spoofing Thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Computer Networks.

The IP Spoofing is a critical threat to the valid use of the Internet throughout the world. All impediment mechanisms employed have been prevented by the capacity of attackers to invent or spoof the source addresses of the IP packets. By using IP spoofing, hackers can avoid discovery and for policing the attack packets put more burden on the destination network. Here, we suggest an Inter-Domain Packet Filter (IDPF) architecture which can minimize the level of IP spoofing on the Internet. The important point of this is we don’t need any Global Routing information .The IDPFs are implemented on the network border routers and build from the information gathered from Border Gateway Protocol (BGP) route updates. Here the IDPF framework works in such a way that it will not block packets with legitimate source addresses. At the end of this thesis we show that even with fragmentary implementation  of the IDPFs on the Internet we can reduce the spoofing capacity of attackers and they can help in localize the source of an attack packet to a fewer number of candidate networks.

Constructing Inter-Domain Packet Filters Based On BGP Updates to Control IP SpoofingAdvantages of the Proposed System:

  •  Minimize the denial of service attacks.
  •  For finding possible path we don’t need global routing information.   
  •  Reducing the IP spoofing through BGP updates, this will overcome the drawback of finding BEST route

The main objectives of this project are as follows:

  • Constructing the routing table consists the network id, cost, next Hop using the Border Gateway Protocol (BGP).
  •  To find the feasible path among the possible paths.
  •  To analyze incoming packets Inter Domain Packet Filter (IDPF) Implementation.     
  •  To Validate the packets (spoofed or not).
  •  To allow only valid packets to destination.
  •  To control the IP Spoofing IDPF architecture implementation uses BGP Protocol.

The project aims to provide the following deliverables:

  •  A methodological approach for the analysis, development and implementation  of     An IDPF architecture.
  •  Development of network infrastructure by using Border Gateway  Protocol(BGP) and constructing the routing table on the basis of next hop without having Global Routing Information.
  •  Providing Security from the IP Spoofing in the public networks.
  •  Establishment of an effectiveness incoming packet monitoring mechanisms Throughout the system and controlling the IP Spoofing.

Download Constructing Inter-Domain Packet Filters Based On BGP Updates to Control IP Spoofing Documentation