A Proposal for Detection of Node Location and Source Address Spoofing in Subnet

Khamphao Sisaat (0451128)

In the current Internet, source address of a packet cannot always indicate the true sender node because a source address can be spoofed. It makes difficult for the receiver and network administrator to locate the sender node if the attacker employs source address spoofing. Unfortunately, there is no an efficient method to confirm whether a sender node sent a packet with its real source addresses or not. Therefore, attackers can send source spoofed packets without worrying that their nodes can be identified by the network administrators. In this thesis, we propose a new method for detecting node location of the sender nodes and source address spoofing in sub net. Our approach offers detection method against source address spoofing in any cases for all nodes are connected to the same local area network. Our approach drops each packet that contains spoofed source address. Furthermore, our approach remains the ability to trace the sender node, which is useful for network administrators to locate to the true sender node, even though the incident event has been completed.