IP spoofing detection approach(ISDA) for network intrusion detection system

Authors

Sui Song, New Jersey Institute of Technology
C. N. Manikopoulos, New Jersey Institute of Technology

Document Type

Conference Proceeding

Publication Date

12-1-2006

Abstract

A new approach for detecting spoofed IP level, called IP Spoofing Detection Approach (ISDA), is proposed. The purpose of this approach is maximally to keep effective parts and remove forged parts of Source IP addresses under flooding attacks and dynamically configure flow aggregation scheme for flow-based network Intrusion detection to build the most effective intrusion detection approach. Our work concentrates on developing an overall framework, which includes building flow aggregation schemes for Flow-based Network Intrusion Detection System (FNIDS), detecting IP address spoofing level and using Fuzzy logic method automatically to activate the most appropriate flow aggregation scheme. Finally, the performance of applying our proposed architecture against flooding DDOS attacks is evaluated by using DARPA 98 data. Results show the significant improvement for FNIDS after applying the IP address spoofing detection algorithms.

Identifier

50649103070 (Scopus)

ISBN

[1424400023, 9781424400027]

Publication Title

2006 IEEE Sarnoff Symposium

External Full Text Location

https://doi.org/10.1109/SARNOF.2006.4534792

Recommended Citation

Song, Sui and Manikopoulos, C. N., "IP spoofing detection approach(ISDA) for network intrusion detection system" (2006). Faculty Publications. 18607.
https://digitalcommons.njit.edu/fac_pubs/18607