Spoofing prevention method

Research output: Contribution to journalConference articlepeer-review

139 Scopus citations

Abstract

A new approach for filtering spoofed IP packets, called Spoofing Prevention Method (SPM), is proposed. The method enables routers closer to the destination of a packet to verify the authenticity of the source address of the packet. This stands in contrast to standard ingress filtering which is effective mostly at routers next to the source and is ineffective otherwise. In the proposed method a unique temporal key is associated with each ordered pair of source destination networks (AS's, autonomous systems). Each packet leaving a source network S is tagged with the key K(S, D), associated with (S, D), where D is the destination network. Upon arrival at the destination network the key is verified and removed. Thus the method verifies the authenticity of packets carrying the address s which belongs to network S. An efficient implementation of the method, ensuring not to overload the routers, is presented. The major benefits of the method are the strong incentive it provides to network operators to implement it, and the fact that the method lends itself to stepwise deployment, since it benefits networks deploying the method even if it is implemented only on parts of the Internet. These two properties, not shared by alternative approaches, make it an attractive and viable solution to the packet spoofing problem.

Original languageEnglish
Pages (from-to)536-547
Number of pages12
JournalProceedings - IEEE INFOCOM
Volume1
StatePublished - 2005
EventIEEE INFOCOM 2005 - Miami, FL, United States
Duration: 13 Mar 200517 Mar 2005

Fingerprint

Dive into the research topics of 'Spoofing prevention method'. Together they form a unique fingerprint.

Cite this