Abstract | ||
---|---|---|
Martian address filtering refers to a technique that discards IP packets that have an invalid source or destination address. This paper evaluates its effectiveness (or lack thereof) under denial of service (DoS) attack or host scan, in terms of packet-level and flow-level filtering performance. In order to overcome the shortcoming of Martian address filtering, we consider two extensions: unallocated address checking and blacklisting. We demonstrate through trace-based simulation that these techniques can indeed boost filtering performance. We also analyze the performance and the possible side-effects of the extensions. |
Year | DOI | Venue |
---|---|---|
2003 | 10.1109/GLOCOM.2003.1258458 | GLOBECOM |
Keywords | Field | DocType |
packet switching,ip networks,protocols,denial of service attack,packet-level filtering,unallocated address checking,host scan,information filters,martian address filtering,ip packets,telecommunication security,stateful inspection,trace-based simulation,flow-level filtering,blacklisting,dos attack,denial of service,side effect | Ingress filtering,Denial-of-service attack,Computer science,Network packet,Computer network,Martian,Filter (signal processing),Blacklisting,Stateful firewall,Packet switching | Conference |
Volume | ISSN | ISBN |
3 | 1930-529X | 0-7803-7974-8 |
Citations | PageRank | References |
5 | 0.68 | 3 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Hyogon Kim | 1 | 494 | 58.48 |
Inhye Kang | 2 | 169 | 17.91 |