Detection and Removal of IP Spoofing Through Extended-Inter Domain Packet Filter Architecture

IP spoofing makes use of the basic weakness in the Internet Protocol to launch the DDOS attack. The existing methods become ineffective due to a large number of filters required and they lack in information about where to place the filter. The existing system requires the global routing information to defend IP spoofing effectively. We propose Extended Inter Domain Packet Filters (Ex-IDPF) to overcome this problem. The Ex-IDPF comprises of two functional blocks namely, marking and filtering blocks. In the marking block, each source is labeled with a key. The key is changed continuously for a certain period of time to provide secured system and is validated at border routers. In the filtering block, spoofed packets are filtered at the border router using path history and the feasible route table. This architecture is independent of global routing information and the Ex-IDPFs are constructed on the basis of Border Gateway Protocol (BGP) route updates. The filter placement algorithm clearly put forwards the conditions under which the filter can operate accurately. The accuracy of the proposed systems is validated using Network Simulator (NS-2).