Abstract

In data nework data packets are normally forwarded from one router to another through networks until it gets to reach its destination node. According to the internet architecture routers in the internet do not perform any security verification of the source IP address contained in the IP packets. The lack of such a verification opens the door for variety of network security vulnerabilities like Denial-of-Service (DoS) attacks, man-in-the-middle attacks. One of the major threats to the Internet is source IP address spoofing. Different types of IP spoofing detection and prevention approaches are proposed by the research community. In this paper an ant algorithm based traceback approach is proposed to identify the spoofed request origin. In the proposed traceback approach flow level information of each network path is used to identify the origin of the spoofing attack. The significant characteristics of ant algorithm such as quick convergence and heuristic are adopted in the proposed method to find out the origin of the attack.

Key words: IP spoofing, hop count, ant algorithm, pheromone intensity, fuzzification.