Security and Privacy in Mobile Information and Communication Systems. First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers

Research Article

SAVAH: Source Address Validation with Host Identity Protocol

Download
518 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-04434-2_17,
        author={Dmitriy Kuptsov and Andrei Gurtov},
        title={ SAVAH: Source Address Validation with Host Identity Protocol },
        proceedings={Security and Privacy in Mobile Information and Communication Systems. First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers},
        proceedings_a={MOBISEC},
        year={2012},
        month={5},
        keywords={Security Authentication LAN HIP},
        doi={10.1007/978-3-642-04434-2_17}
    }
    
  • Dmitriy Kuptsov
    Andrei Gurtov
    Year: 2012
    SAVAH: Source Address Validation with Host Identity Protocol
    MOBISEC
    Springer
    DOI: 10.1007/978-3-642-04434-2_17
Dmitriy Kuptsov1,*, Andrei Gurtov1,*
  • 1: Helsinki University of Technology
*Contact email: dmitriy.kuptsov@hiit.fi, gurtov@hiit.fi

Abstract

Explosive growth of the Internet and lack of mechanisms that validate the authenticity of a packet source produced serious security and accounting issues. In this paper, we propose validating source addresses in LAN using Host Identity Protocol (HIP) deployed in a first-hop router. Compared to alternative solutions such as CGA, our approach is suitable both for IPv4 and IPv6. We have implemented SAVAH in Wi-Fi access points and evaluated its overhead for clients and the first-hop router.