UAS: Universal Anti-Spoofing by Incorporating Existing Mechanisms

-----

* Notice:

The extended research paper was published in the Journal of Communications and Networks.

Hyok An, Heejo Lee, and Adrian Perrig. "Coordination of anti-spoofing mechanisms in partial deployments." Journal of Communications and Networks 18.6 (2016): 948-961

https://doi.org/10.1109/JCN.2016.000129

-----

 

*국제학회 논문

-학회: IEEE Local Computer Networks (LCN)

-일자: 2013년 10월 22일

-저자: 안혁, 이희조, Adrian Perrig

 

Hyok An, Heejo Lee, Adrian Perrig, "UAS: Universal Anti-Spoofing by Incorporating Existing Mechanisms", IEEE Conf. on Local Computer Networks (LCN), pp. 448-451, Oct. 22. 2013.

 

-초록:

IP spoofing is attractive to amplify network attacks and to provide anonymity. Many approaches have to prevent IP spoofing attacks; however, they do not address a significant deployment issue: filtering inefficiency caused by lack of incentives for early adopters. Practically, no mechanism has been widely deployed and none successfully blocks IP spoofing attacks. We propose a universal anti-spoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that ascertains whether a packet is spoofed or not, and inscribes this information in the packet header. The edge routers at a victim network can estimate the forgery of a packet based on the information sent by the upstream routers. The results of experiments conducted with Internet topologies indicate that UAS reduces false alarms up to 84.5% compared to cases where each mechanism operates separately. Our evaluation shows that incorporating multiple anti-spoofing mechanisms reduces false alarms significantly.

 

 

 

 

- file:

LCN2013_UAS_proceeding_ver.pdf

다운로드