Advertisement

DNS-Based Defense against IP Spoofing Attacks

  • Eimatsu Moriyama
  • Takeshi Takahashi
  • Daisuke Miyamoto
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7667)

Abstract

Many attacks on the Internet spoof the source IP addresses. Numerous techniques have been researched and developed thus far to cope with this, but they are not yet sufficient. This paper proposes a Domain Name System-based technique for handling the issue. An attacker needs the IP address of an application server, the target of attack, to access there. To obtain the address, the attacker queries the DNS full-service resolver to resolve the server’s fully qualified domain name. While the attacker is inquiring about the address, it cannot spoof its address in the proposed scheme. The proposed scheme informs the application server-side gateway of the client’s address, with which the gateway can ignore access by those other than the informed address.

Keywords

spoofing address DNS log SFP TCP fallback 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Aboba, B., Dixon, W.: IPsec-Network Address Translation (NAT) Compatibility Requirements. RFC 3715, Informational (March 2004), http://www.ietf.org/rfc/rfc3715.txt
  2. 2.
    Baker, F., Savola, P.: Ingress Filtering for Multihomed Networks. RFC 3704 (Best Current Practice) (March 2004), http://www.ietf.org/rfc/rfc3704.txt
  3. 3.
    Eddy, W.: TCP SYN Flooding Attacks and Common Mitigations. RFC 4987, Informational (August 2007), http://www.ietf.org/rfc/rfc4987.txt
  4. 4.
    Kumari, W., McPherson, D.: Remote Triggered Black Hole Filtering with Unicast Reverse Path Forwarding (uRPF). RFC 5635, Informational (August 2009), http://www.ietf.org/rfc/rfc5635.txt
  5. 5.
  6. 6.
    Takahashi, T., Hazeyama, H., Miyamoto, D., Kadobayashi, Y.: Taxonomical approach to the deployment of traceback mechanisms. In: 2011 Baltic Congress on Future Internet Communications (BCFIC Riga), pp. 13–20 (February 2011)Google Scholar
  7. 7.
    Wong, M., Schlitt, W.: Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1. RFC 4408 (Experimental) updated by RFC 6652 (April 2006), http://www.ietf.org/rfc/rfc4408.txt

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Eimatsu Moriyama
    • 1
  • Takeshi Takahashi
    • 1
  • Daisuke Miyamoto
    • 2
  1. 1.National Institute of Information and Communications TechnologyTokyoJapan
  2. 2.University of TokyoTokyoJapan

Personalised recommendations