In this paper, we present a theoretical framework for a simple and efficient method that detects and blocks source IP spoofed packets and TCP/SYN flooding packets at source. The method is based on a network authentication server (AS), which performs an authentication process on SYN packets. The authentication process verifies the legitimacy of SYN packet's source IP address that initiate a connection request from a network subnet host to an external host. During the authentication process of SYN packets, AS identifies and blocks SYN packets with legal source IP address that chip in a TCP/SYN flooding attack. AS preserves network performance by exchanging authentication messages in plain text, and acts as a stateful inspection firewall and only SYN packets are subject for inspection. Our method which is capable to detect and prevent all types of spoofing packets including subnet spoofing contributes to standard ingress/egress methods in eliminating bogus traffic on the Internet.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.