Research Article
Realizing a Source Authentic Internet
@INPROCEEDINGS{10.1007/978-3-642-16161-2_13,
  author={Toby Ehrenkranz and Jun Li and Patrick McDaniel},
  title={Realizing a Source Authentic Internet},
  proceedings={Security and Privacy in Communication Networks. 6th International ICST Conference, SecureComm 2010, Singapore, September 7-9, 2010. Proceedings},
  proceedings_a={SECURECOMM},
  year={2012},
  month={5},
  keywords={IP spoofing, IP source address, IP spoofing detection, incoming table, pushback},
  doi={10.1007/978-3-642-16161-2_13}
}
- Toby Ehrenkranz
- Jun Li
- Patrick McDaniel
Year: 2012
SECURECOMM
Springer
DOI: 10.1007/978-3-642-16161-2_13
Abstract
An innate deficiency of the Internet is its susceptibility to IP spoofing. Whereas a router uses a forwarding table to determine where it should send a packet, previous research has found that a router can similarly employ an incoming table to verify where a packet should come from, thereby detecting IP spoofing. Based on a previous protocol for building incoming tables, SAVE, this paper introduces new mechanisms that not only address a critical deficiency of SAVE when it is incrementally deployed (incoming table entries becoming obsolete), but can also push the filtering of spoofing packets towards the SAVE router that is closest to spoofers. With these new mechanisms, and under the assumption of incremental deployment, we further discuss the security of SAVE, evaluate its efficacy, accuracy, and overhead, and look into its deployment incentives. Our results show incoming-table-based IP spoofing detection is a feasible and effective solution.