Title: Preventing IP Spoofing Attacks in a Shared Resources Network

Issue Number: Vol. 8, No. 2
Year of Publication: Jun - 2019
Page Numbers: 144-151
Authors: Hussein Sudi Lema, Fatuma Simba
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P002575


Network intruders may spoof IP packets by modifying headers of the IP packets to fool people believe that the transmissions are originating from the trusted source. Consequently, various defence mechanisms have been developed to identify and prevent IP spoofing attack. However, the existing prevention mechanisms are implemented on either destination hosts or routers levels. At these levels facilitate utilization of shared resources on the networks during the attacking process even if there is a mechanism on those levels. To the best of our knowledge, there is no research work reported on how an IP spoofing attacker can be prevented from attacker’s LAN before utilizing shared network resources. Therefore, this paper proposes an algorithm for providing an attacker a warning due to his/her attacking activities. The study employed Mininet network emulator, POX controller, Layer 3 switches (L3S), packets analyzer, and packet constructor to design and develop a prototype of the algorithm in a Local Area Network (LAN) environment. Results show that the developed algorithm is capable of returning packets to an attacker as a warning mechanism in a LAN level. The warning packets utilize attacker’s network resources/keep the attackers network busy, hence stops IP spoofing attacks. Therefore the attacker is as well get affected by his/her attacking activities