METHOD, APPARATUS AND PROGRAM FOR DETECTING SPOOFED NETWORK TRAFFIC

A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destina...

Full description

Saved in:
Bibliographic Details
Main Authors GHOSH, ABHRAJIT, NAIDU, ADITYA, SAWAYA, YUKIKO, VAIDYANATHAN, RAVICHANDER, MIYAKE, YUTAKA, YAMADA, AKIRA, KUBOTA, AYUMU
Format Patent
LanguageEnglish
French
German
Published 09.09.2015
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destination IP address, acquiring a corresponding source and destination IP address prefixes, converting the corresponding source and destination IP address prefixes into a source AS number and a destination AS number, determining if the incoming packet arrived from an unexpected source based upon the corresponding destination IP address prefix and the converted source and destination AS number using an unexpected pair tuple table generated from network routing information and generating an alert indicating that the incoming packet is not allowed to enter the network.
Bibliography:Application Number: EP20120849045