Enable a trustworthy network by source address spoofing prevention routers: a formal description
作者: Jun Bi , Jianping Wu , Miao Zhang , None
DOI: 10.1007/11807964_69
关键词:
摘要: The lack of verifying source address in Internet makes it easy for attackers to spoof the IP address. One challenges has been recognized is building mechanisms routers verify This paper discusses Source Address Spoofing Prevention (SASP) mechanisms, presents a formal description on SASP network and router, proposes hierarchical architecture, some design principles mechanisms.
springer.com
sci-hub.st 参考文章(12)
Steven Bauer, Robert Beverly, The spoofer project: inferring the extent of source address filtering on the internet conference on steps to reducing unwanted traffic on internet. pp. 8- 8 ,(2005)
D. Senie, P. Ferguson, Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing RFC 2827-BCP 38. ,vol. 2267, pp. 1- 10 ,(1998)
A. Bremler-Barr, H. Levy, Spoofing prevention method international conference on computer communications. ,vol. 1, pp. 536- 547 ,(2005) , 10.1109/INFCOM.2005.1497921
Stefan Savage, David Wetherall, Anna Karlin, Tom Anderson, Practical network support for IP traceback acm special interest group on data communication. ,vol. 30, pp. 295- 306 ,(2000) , 10.1145/347057.347560
Cheng Jin, Haining Wang, Kang G. Shin, Hop-count filtering: an effective defense against spoofed DDoS traffic computer and communications security. pp. 30- 41 ,(2003) , 10.1145/948109.948116
A. Yaar, A. Perrig, D. Song, StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense IEEE Journal on Selected Areas in Communications. ,vol. 24, pp. 1853- 1863 ,(2006) , 10.1109/JSAC.2006.877138
Kihong Park, Heejo Lee, On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack international conference on computer communications. ,vol. 1, pp. 338- 347 ,(2001) , 10.1109/INFCOM.2001.916716
A.C. Snoeren, C. Partridge, L.A. Sanchez, C.E. Jones, F. Tchakountio, B. Schwartz, S.T. Kent, W.T. Strayer, Single-packet IP traceback IEEE ACM Transactions on Networking. ,vol. 10, pp. 721- 734 ,(2002) , 10.1109/TNET.2002.804827
A. Yaar, A. Perrig, D. Song, Pi: a path identification mechanism to defend against DDoS attacks ieee symposium on security and privacy. pp. 93- 107 ,(2003) , 10.1109/SECPRI.2003.1199330
Jun Li, Jelena Mirkovic, Mengqiu Wang, Peter Reiher, Lixia Zhang, None, SAVE: source address validity enforcement protocol international conference on computer communications. ,vol. 3, pp. 1557- 1566 ,(2002) , 10.1109/INFCOM.2002.1019407