Victim Based Statistical Filtering : A New Deterrent Against Spoofed DoS Traffic
S. Mir, and S. Quadri. International Journal of Computer Networks & Communications (IJCNC)9 (4):
The extensive use of Internet and network-based information resources on a global scale has led to the rise in a wide range of security incidents. One such attack is a TCP-SYN DoS attack, which makes use of IP spoofing for its effectiveness. This paper presents a robust scheme for filtering spoofed DoS IP Packets on the Internet. We have proposed a robust filtering algorithm namely, Victim Based Statistical Filtering in
this paper. The algorithm is inspired from the Hop-Count Filtering (HCF) method, which uses a correlation between IP addresses and their respective hop-counts to the destination server, to filter out the spoofed IP packets from the legitimate ones. The variation that we have proposed is adding the monitoring information of the usage levels of port numbers of the destination machine (victim), in the HCF Algorithm.
The proposed VBSF algorithm was empirically evaluated and it was found to exhibit better performance than its predecessor