Internet source address verification method based on synchronization and dynamic filtering in address domain

Dan LI; Lancheng QIN; Jianping WU; Yingying SU; Mingwei XU; Xingang SHI; Yunan GU; Tao LIN

Dianxin kexue (Oct 2020)

Internet source address verification method based on synchronization and dynamic filtering in address domain

Dan LI,
Lancheng QIN,
Jianping WU,
Yingying SU,
Mingwei XU,
Xingang SHI,
Yunan GU,
Tao LIN

Affiliations

Dan LI
Lancheng QIN
Jianping WU
Yingying SU
Mingwei XU
Xingang SHI
Yunan GU
Tao LIN

Journal volume & issue: Vol. 36
pp. 21 – 28

Abstract

Read online

At the beginning of the design of the Internet architecture,it assumed that all network members were trusted,and did not fully consider the security threat brought by the untrusted network members.For a long time,routers only forward packets based on the destination IP address of the packet,and do not carry out any verification on the source IP address of the packet.The lack of packet level authenticity on the Internet results in the header being maliciously altered.A real source address verification mechanism with routing synchronization and dynamic filtering were proposed.This mechanism constructs the filter table based on the prefix-topology mapping synchronization,the problem of inconsistent state between the filter table and the route caused by routing asymmetry were solved,false positives and false negatives was avoided,and a low-overhead and low-latency source address verification of the IP address prefix level granularity in the address domain were realized.

source address verification;IP source address forgery;routing synchronization;dynamic filtering

Published in Dianxin kexue

ISSN: 1000-0801 (Print)
Publisher: Beijing Xintong Media Co., Ltd
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/dxkx/EN/1000-0801/home.shtml

About the journal

Abstract

Keywords