Coordination of Anti-Spoofing Mechanisms in Partial Deployments
DC Field | Value | Language |
---|---|---|
dc.contributor.author | An, Hyok | - |
dc.contributor.author | Lee, Heejo | - |
dc.contributor.author | Perrig, Adrian | - |
dc.date.accessioned | 2021-09-03T16:36:42Z | - |
dc.date.available | 2021-09-03T16:36:42Z | - |
dc.date.created | 2021-06-16 | - |
dc.date.issued | 2016-12 | - |
dc.identifier.issn | 1229-2370 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/86782 | - |
dc.description.abstract | Internet protocol (IP) spoofing is a serious problem on the Internet. It is an attractive technique for adversaries who wish to amplify their network attacks and retain anonymity. Many approaches have been proposed to prevent IP spoofing attacks; however, they do not address a significant deployment issue, i.e., filtering inefficiency caused by a lack of deployment incentives for adopters. To defeat attacks effectively, one mechanism must be widely deployed on the network; however, the majority of the antispoofing mechanisms are unsuitable to solve the deployment issue by themselves. Each mechanism can work separately; however, their defensive power is considerably weak when insufficiently deployed. If we coordinate partially deployed mechanisms such that they work together, they demonstrate considerably superior performance by creating a synergy effect that overcomes their limited deployment. Therefore, we propose a universal antispoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that can ascertain if a packet is spoofed and records this decision in the packet header. The edge routers of a victim network can estimate the forgery of a packet based on this information sent by the upstream routers. The results of experiments conducted with real Internet topologies indicate that UAS reduces false alarms up to 84.5% compared to the case where each mechanism operates individually. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | KOREAN INST COMMUNICATIONS SCIENCES (K I C S) | - |
dc.subject | PACKET MARKING | - |
dc.subject | DDOS | - |
dc.subject | DEFENSE | - |
dc.title | Coordination of Anti-Spoofing Mechanisms in Partial Deployments | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Heejo | - |
dc.identifier.doi | 10.1109/JCN.2016.000129 | - |
dc.identifier.scopusid | 2-s2.0-85010504041 | - |
dc.identifier.wosid | 000396016200008 | - |
dc.identifier.bibliographicCitation | JOURNAL OF COMMUNICATIONS AND NETWORKS, v.18, no.6, pp.948 - 961 | - |
dc.relation.isPartOf | JOURNAL OF COMMUNICATIONS AND NETWORKS | - |
dc.citation.title | JOURNAL OF COMMUNICATIONS AND NETWORKS | - |
dc.citation.volume | 18 | - |
dc.citation.number | 6 | - |
dc.citation.startPage | 948 | - |
dc.citation.endPage | 961 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.identifier.kciid | ART002189695 | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.description.journalRegisteredClass | kci | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordPlus | PACKET MARKING | - |
dc.subject.keywordPlus | DDOS | - |
dc.subject.keywordPlus | DEFENSE | - |
dc.subject.keywordAuthor | DDoS attacks | - |
dc.subject.keywordAuthor | Internet protocol (IP) spoofing prevention | - |
dc.subject.keywordAuthor | network security | - |
dc.subject.keywordAuthor | packet filtering | - |
dc.subject.keywordAuthor | packet marking | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.