Patent · US Expired

Methods, systems and computer program products for detecting a spoofed source address in IP datagrams

US7134012B2 · kind B2 · utility

314Cited by

12References

23Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Ronald P. Doyle · Raleigh, US
John R. Hind · Raleigh, US
Thomas Narten · Durham, US
Marcia L. Peters · Raleigh, US

Key dates

Filing date	Aug 15, 2001
Grant date	Nov 7, 2006
Priority date	—
Expiry date	May 4, 2024

Classification

Technology area (CPC H)Electricity
CPC primaryH04L61/35
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Methods, systems and computer program products are provided for determining if a packet has a spoofed source Internet Protocol (IP) address. A source media access control (MAC) address of the packet and the source IP address are evaluated to determine if the source IP address of the packet has been bound to the source MAC address at a source device of the packet. The packet is determined to have a spoofed source IP address if the evaluation indicates that the source IP address is not bound to the source MAC address. Such an evaluation may be made for packets having a subnet of the source IP address which matches a subnet from which the packet originated.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.