This paper provides a way of determining the legitimacy of a packet by analyzing the number of hops the packet has gone through before reaching its destination. The problem with an IP packet is that its contents can be changed easily. This is called IP spoofing, which is widely used in Distributed Denial-of-Service (DDoS) attacks. They are very hard to detect, and there is no comprehensive solution. However, an attacker cannot control the hop count: after sending the packet, he cannot tamper with the TTL field, which is modified by every hop. By generating an IP-to-Hop-Count (IP2HC) mapping table and inspecting it, spoofed packets can be identified. This technique is called HCF (Hop Count Filter). It is used to classify legitimate and spoofed packets with little collateral damage. HCF causes delay in the critical path of packet processing in the kernel because of the enormous IP2HC mapping table. This overhead is reduced by identifying the attackers in the learning state and then dropping spoofed packets in the filtering state. It is implemented in the Linux kernel so as to reduce the CPU overhead in terms of interrupts, which saves resources.
Due to the tremendous growth of the Internet and network-based services, the severity of network-based computer attacks has significantly increased. Thus, intrusion detection systems (IDS) play a vital role in network security. An intrusion detection system tries to detect computer attacks by examining various data records, log audits, etc. Many existing IDS, such as Snort, are signature-based systems. The problem with such a system is that it cannot detect novel attacks whose signature is not available, and hence it generates a high rate of alerts. In this paper, a Multilayer Perceptron (MLP) with the Back-Propagation algorithm is used to classify attacks. We train and test the MLP with the KDD99 training dataset. We use the KDD99 dataset, which is a subset of the DARPA dataset. It is a preprocessed dataset and is most suitable for our system. We analyze the working of the MLP by performing various experiments. We observed that the MLP neural network requires a large training time. Once trained, it detects known as well as unknown attacks and also reduces false alerts.