On the effectiveness of Martian address filtering and its extensions

Hyogon Kim, Inhye Kang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

Martian address filtering refers to a technique that discards IP packets that have an invalid source or destination address. This paper evaluates its effectiveness (or lack thereof) under denial of service (DoS) attack or host scan, in terms of packet-level and flow-level filtering performance. In order to overcome the shortcoming of Martian address filtering, we consider two extensions: unallocated address checking and blacklisting. We demonstrate through trace-based simulation that these techniques can indeed boost filtering performance. We also analyze the performance and the possible side-effects of the extensions.

Original languageEnglish
Title of host publicationGLOBECOM - IEEE Global Telecommunications Conference
Pages1348-1352
Number of pages5
Volume3
Publication statusPublished - 2003 Dec 1
EventIEEE Global Telecommunications Conference GLOBECOM'03 - San Francisco, CA, United States
Duration: 2003 Dec 12003 Dec 5

Other

OtherIEEE Global Telecommunications Conference GLOBECOM'03
CountryUnited States
CitySan Francisco, CA
Period03/12/103/12/5

Fingerprint

simulation
services
side effect
Denial-of-service attack

Keywords

  • Denial-of-service attack
  • Host scan
  • Martian addresses
  • Packet filtering
  • Stateful inspection

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Global and Planetary Change

Cite this

Kim, H., & Kang, I. (2003). On the effectiveness of Martian address filtering and its extensions. In GLOBECOM - IEEE Global Telecommunications Conference (Vol. 3, pp. 1348-1352)

On the effectiveness of Martian address filtering and its extensions. / Kim, Hyogon; Kang, Inhye.

GLOBECOM - IEEE Global Telecommunications Conference. Vol. 3 2003. p. 1348-1352.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, H & Kang, I 2003, On the effectiveness of Martian address filtering and its extensions. in GLOBECOM - IEEE Global Telecommunications Conference. vol. 3, pp. 1348-1352, IEEE Global Telecommunications Conference GLOBECOM'03, San Francisco, CA, United States, 03/12/1.
Kim H, Kang I. On the effectiveness of Martian address filtering and its extensions. In GLOBECOM - IEEE Global Telecommunications Conference. Vol. 3. 2003. p. 1348-1352
Kim, Hyogon ; Kang, Inhye. / On the effectiveness of Martian address filtering and its extensions. GLOBECOM - IEEE Global Telecommunications Conference. Vol. 3 2003. pp. 1348-1352
@inproceedings{fca0b92250904423b6dcdba818b89d43,
title = "On the effectiveness of Martian address filtering and its extensions",
abstract = "Martian address filtering refers to a technique that discards IP packets that have an invalid source or destination address. This paper evaluates its effectiveness (or lack thereof) under denial of service (DoS) attack or host scan, in terms of packet-level and flow-level filtering performance. In order to overcome the shortcoming of Martian address filtering, we consider two extensions: unallocated address checking and blacklisting. We demonstrate through trace-based simulation that these techniques can indeed boost filtering performance. We also analyze the performance and the possible side-effects of the extensions.",
keywords = "Denial-of-service attack, Host scan, Martian addresses, Packet filtering, Stateful inspection",
author = "Hyogon Kim and Inhye Kang",
year = "2003",
month = "12",
day = "1",
language = "English",
volume = "3",
pages = "1348--1352",
booktitle = "GLOBECOM - IEEE Global Telecommunications Conference",

}

TY - GEN

T1 - On the effectiveness of Martian address filtering and its extensions

AU - Kim, Hyogon

AU - Kang, Inhye

PY - 2003/12/1

Y1 - 2003/12/1

N2 - Martian address filtering refers to a technique that discards IP packets that have an invalid source or destination address. This paper evaluates its effectiveness (or lack thereof) under denial of service (DoS) attack or host scan, in terms of packet-level and flow-level filtering performance. In order to overcome the shortcoming of Martian address filtering, we consider two extensions: unallocated address checking and blacklisting. We demonstrate through trace-based simulation that these techniques can indeed boost filtering performance. We also analyze the performance and the possible side-effects of the extensions.

AB - Martian address filtering refers to a technique that discards IP packets that have an invalid source or destination address. This paper evaluates its effectiveness (or lack thereof) under denial of service (DoS) attack or host scan, in terms of packet-level and flow-level filtering performance. In order to overcome the shortcoming of Martian address filtering, we consider two extensions: unallocated address checking and blacklisting. We demonstrate through trace-based simulation that these techniques can indeed boost filtering performance. We also analyze the performance and the possible side-effects of the extensions.

KW - Denial-of-service attack

KW - Host scan

KW - Martian addresses

KW - Packet filtering

KW - Stateful inspection

UR - http://www.scopus.com/inward/record.url?scp=0842289258&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0842289258&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:0842289258

VL - 3

SP - 1348

EP - 1352

BT - GLOBECOM - IEEE Global Telecommunications Conference

ER -