Mitigating Insider Threat’s IP Spoofing through Enhanced Dynamic Cluster Algorithm (EDPU Based HCF)

O. A. Akano

Department of Computer Sciences, First Technical University, Ibadan, Nigeria.

T. O. Olayinka

Department of Computer Sciences, First Technical University, Ibadan, Nigeria.

O. D. Adeniji *

Department of Computer Sciences, University of Ibadan, Ibadan, Nigeria.

B. O. Ogunjinmi

Department of Computer Sciences, Ajayi Crowther University, Oyo, Nigeria.

*Author to whom correspondence should be addressed.


Abstract

Insider threat has always been a major problem in computer security because of unauthorized system misuse by users within an organization. Understanding the concept and the inherent adverse consequences of the insider threat can assist in postulating approaches and techniques to mitigate the menace. Research, experience and the literature have shown insider intrusion to be more expensive and more destructive than external attacks, owing to the perpetrator's comprehensive understanding of the internal operations of the organization. Many researchers have explored the unhealthy nature of insider activity with the aim of eliminating the threat, identifying its categories as theft of intellectual property, fraud, sabotage and espionage. This work addresses the menace by studying models for detecting, reducing and eliminating the threat through IP spoofing, in order to propose a better model for the intrusion. Experimental research through analysis of network measurement data has shown that HCF (Hop Count Filtering) can discover and discard almost 90% of spoofed IP packets, while an improvement on this experiment, called DPU (Dynamic Path Update) Based Hop Count Filtering, has been shown to identify and discard more than 90%. This was carried out in a Linux kernel environment to substantiate the effectiveness of its measurements. However, the research direction of this work is to enhance the performance of the DPU-based HCF by reducing the size of packets at the point of entry in order to decrease network traffic, and to permanently discard 100% of spoofed packets.

Keywords: Insider threat, IP spoofing, DDOS, TTL, hop count


How to Cite

Akano, O. A., Olayinka, T. O., Adeniji, O. D., & Ogunjinmi, B. (2024). Mitigating Insider Threat’s IP Spoofing through Enhanced Dynamic Cluster Algorithm (EDPU Based HCF). Advances in Research, 25(3), 85–90. https://doi.org/10.9734/air/2024/v25i31052
