Packet forwarding with source verification
نویسندگان
چکیده
Routers in the Internet do not perform any verification of the source IP address contained in the packets, leading to the possibility of IP spoofing. The lack of such verification opens the door for a variety of vulnerabilities, including denial-of-service (DoS) and man-in-the-middle attacks. Currently proposed spoofing prevention approaches either focus on protecting only the target of such attacks and not the routing fabric used to forward spoofed packets, or fail under commonly occurring situations like path asymmetry. With incremental deployability in mind, this paper presents two complementary hop-wise packet tagging approaches that equip the routers to drop spoofed packets close to their point of origin. Our simulations show that these approaches dramatically reduce the amount of spoofing possible even under partial deployment.
منابع مشابه
Efficient Position Based Packet Forwarding Protocol for Wireless Sensor Networks
In Wireless Sensor Networks, sensor nodes are controlled by either base station or without bases station. In our scheme, the sensor nodes are not depends on the base station. Once the sensor node sent a packet to the destination node, the residual energy is calculated through the multipath routing approach. In this research work, an Efficient Position based Packet Forwarding Protocol (EPPFP) to...
متن کاملTrajectory-Based Forwarding Mechanisms for Ad-Hoc Sensor Networks
Routing in ad-hoc sensor networks is a complicated task because of many reasons. The nodes are low powered and they cannot maintain routing tables large enough for well-known routing protocols. Because of that, greedy forwarding at intermediate nodes is desirable in ad-hoc networks. Also, for traffic engineering, multipath capabilities are important. So, it is desirable to define routes at the ...
متن کاملNetwork virtualization substrate with parallelized data plane
Network virtualization provides the ability to run multiple concurrent virtual networks over a shared substrate. However, it is challenging to design such a platform to host multiple heterogenous and often highly customized virtual networks. Not only high degree of flexibility is desired for virtual networks to customize their functions, fast packet forwarding is also required. This paper prese...
متن کاملMobile UNITY Coordination Constructs Applied to Packet Forwarding for Mobile Hosts
With recent advances in wireless communication technology, mobile computing is an increasingly important area of research. A mobile system is one where independently executing components may migrate through some space during the course of the computation, and where the pattern of connectivity among the components changes as they move in and out of proximity. Mobile UNITY is a language and logic...
متن کاملOn the Security of In-Packet Bloom-Filter Forwarding
Multicast protocols traditionally require that routers store information about the delivery trees. Recently, source-routed in-packet Bloom-filter (iBF) based multicast has been proposed as a remedy to this: instead of storing state in the network, the delivery tree is encoded in the packet itself using a Bloom filter. The packets are then forwarded based on the in-packet information instead of ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computer Networks
دوره 52 شماره
صفحات -
تاریخ انتشار 2008