Neural network based spoofing detection

What is claimed is: 1. A method for mitigating a spoofing-based attack, comprising: calculating a travel distance between a source Internet Protocol (IP) address and a target IP address from a received packet based on time-to-live (TTL) information from the received packet; estimating an expected travel distance between the source IP address and the target IP address based on a sparse set of known source/target distances, by determining structural correspondences between the source IP address and one or more known source IP addresses, including splitting the source IP address into at least a beginning portion and an end portion and padding the beginning portion and the end portion to form a normalized IP source address; determining that the received packet has a spoofed source IP address using a hardcore processor based on a comparison between the calculated travel distance and the expected travel distance; and performing a security action responsive to the determination that the received packet has a spoofed source IP address, wherein the security action is selected from the group consisting of blocking traffic from the source IP address of the received packet, changing a system security policy, changing a packet filtering setting on an upstream device, discarding the packet, and performing deep packet inspection. 2. The method of claim 1 , wherein estimating the expected travel distance comprises providing the source IP address and the target IP address to a neural network, where an activation function for neurons in the neural network is determined as: f i = { i = 1 softsign ⁡ ( w d × 256 i = 0 × B 256 × 1 i = 0 + b d × 1 i = 0 ) i ∈ { 1 , … ⁢ , n } softsign ⁡ ( w d × ( 256 + d ) i ∈ { 1 , ⁢ … ⁢ , ⁢ n } × concat ⁡ ( B 256 × 1 i ∈ { 1 , ⁢ … ⁢ , n }