short-paper

Free Access

Filtering Spoofed IP Traffic Using Switching ASICs

Authors:
Jiasong Bai

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)
View Profile

,
Jun Bi

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)
View Profile

,
Menghao Zhang

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)
View Profile

,
Guanyu Li

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)

Institute for Network Sciences and Cyberspace, Tsinghua University, Department of Computer Science and Technology, Tsinghua University, Beijing National Research Center for Information Science and Technology (BNRist)
View Profile

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and DemosAugust 2018Pages 51–53https://doi.org/10.1145/3234200.3234205

Published:07 August 2018Publication History

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos

Pages 51–53

References

Noah Davids. 2018. default TTL values. http://noahdavids.org/self_published/TTL_values.html. (2018).Google Scholar
Cheng-Hung He and et al. 2018. A Zero Flow Entry Expiration Timeout P4 Switch. In SOSR. ACM, 19. Google ScholarDigital Library
Cheng Jin and et al. 2003. Hop-count filtering: an effective defense against spoofed DDoS traffic. In CCS. ACM, 30--41. Google ScholarDigital Library
Barefoot Networks. 2018. Tofino. https://barefootnetworks.com/products/brief-tofino/. (2018).Google Scholar
Haining Wang, Cheng Jin, and Kang G Shin. 2007. Defense against spoofed IP traffic using hop-count filtering. ToN 15, 1 (2007), 40--53. Google ScholarDigital Library

Index Terms

Filtering Spoofed IP Traffic Using Switching ASICs
1. Networks
  1. Network architectures
2. Security and privacy
  1. Network security

Recommendations

Defense against spoofed IP traffic using hop-count filtering

IP spoofing has often been exploited by Distributed Denial of Service (DDoS) attacks to: 1) conceal flooding sources and dilute localities in flooding traffic, and 2) coax legitimate hosts into becoming reflectors, redirecting and amplifying flooding ...
Read More
Analysis of Spoofed IP Traffic Using Time-to-Live and Identification Fields in IP Headers
WAINA '11: Proceedings of the 2011 IEEE Workshops of International Conference on Advanced Information Networking and Applications

Internet services are often exposed to many kinds of threats such as the distributed denial of service (DDoS), viruses, and worms. Since these threats cause an adverse effect on the social and economical activities on the Internet, the technologies for ...
Read More
Throttling spoofed SYN flooding traffic at the source

TCP-based flooding attacks are a common form of Distributed Denial-of-Service (DDoS) attacks which abuse network resources and can bring about serious threats to the Internet. Incorporating IP spoofing makes it even more difficult to defend against such ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos
August 2018
165 pages
ISBN:9781450359153
DOI:10.1145/3234200

Copyright © 2018 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 7 August 2018
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Hop-Count Filter
Programmable Switch
Spoofed IP Traffic
Qualifiers
- short-paper
- Research
- Refereed limited
Conference

Acceptance Rates
Overall Acceptance Rate554of3,547submissions,16%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 7
  Total Citations
  View Citations
- 508
  Total Downloads
- Downloads (Last 12 months)53
- Downloads (Last 6 weeks)8
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Filtering Spoofed IP Traffic Using Switching ASICs

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos

References

Cited By

Index Terms

Recommendations

Defense against spoofed IP traffic using hop-count filtering

Analysis of Spoofed IP Traffic Using Time-to-Live and Identification Fields in IP Headers

Throttling spoofed SYN flooding traffic at the source

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Filtering Spoofed IP Traffic Using Switching ASICs

SIGCOMM '18: Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos

References

Cited By

Index Terms

Recommendations

Defense against spoofed IP traffic using hop-count filtering

Analysis of Spoofed IP Traffic Using Time-to-Live and Identification Fields in IP Headers

Throttling spoofed SYN flooding traffic at the source

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media