Proactive defense mechanism against IP spoofing traffic on a NEMO environment

Mihui Kim, Kijoon Chae

Research output: Contribution to journalArticlepeer-review

1 Scopus citations


The boundary of a distributed denial of service (DDoS) attack, one of the most threatening attacks in a wired network, now extends to wireless mobile networks, following the appearance of a DDoS attack tool targeted at mobile phones. However, the existing defense mechanisms against such attacks in a wired network are not effective in a wireless mobile network, because of differences in their characteristics such as the mobile possibility of attack agents. In this paper, we propose a proactive defense mechanism against IP spoofing traffic for mobile networks. IP spoofing is one of the features of a DDoS attack against which it is most difficult to defend. Among the various mobile networks, we focus on the Network Mobility standard that is being established by the NEMO Working Group in the IETF. Our defense consists of following five processes: speedy detection, filtering of attack packets, identification of attack agents, isolation of attack agents, and notification to neighboring routers. We simulated and analyzed the effects on normal traffic of moving attack agents, and the results of applying our defense to a mobile network. Our simulation results show that our mechanism provides a robust defense.

Original languageEnglish
Pages (from-to)1959-1967
Number of pages9
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Issue number7
StatePublished - Jul 2006


  • Defense mechanism
  • IP spoofing traffic
  • Mobile network
  • Neighbor graph
  • Network Mobility (NEMO)


Dive into the research topics of 'Proactive defense mechanism against IP spoofing traffic on a NEMO environment'. Together they form a unique fingerprint.

Cite this