An inter-AS path vector filter: towards elimination of false negatives

The 21st IEEE International Workshop on Local and Metropolitan Area Networks Pub Date : 2015-04-22 DOI:10.1109/LANMAN.2015.7114734

Zhou Zhang, Y. Liu, Jianping Wu, Gang Ren, J. Bi

{"title":"An inter-AS path vector filter: towards elimination of false negatives","authors":"Zhou Zhang, Y. Liu, Jianping Wu, Gang Ren, J. Bi","doi":"10.1109/LANMAN.2015.7114734","DOIUrl":null,"url":null,"abstract":"IP spoofing based attacks remains a serious and open security problem due to the fact that the current Internet implements no source address authentication mechanisms. A series of anti-spoofing practices have long been proposed while their actual implementation seems far from satisfactory. Route based filters were extensively studied in the design of Inter-AS source address validation methods. Traditional route based filters only use route direction information to establish filtering rules, causing inherited fake negatives. A novel inter-AS filter based on route path vector is proposed to reduce or even eliminate such fake negatives in this article. We name the filter IPVF (Inter-AS Path Vector Filter), which utilizes the route information of both path and distance, exhibits measurable increase in performance and incurs acceptable additional bandwidth cost. Moreover, traditional route based filtering rules is easy to be deduced by attackers. Since the filtering rules of IPVF could change over time by setting parameters, its actual improvement in performance could be exponentially increased.","PeriodicalId":193630,"journal":{"name":"The 21st IEEE International Workshop on Local and Metropolitan Area Networks","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 21st IEEE International Workshop on Local and Metropolitan Area Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LANMAN.2015.7114734","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

IP spoofing based attacks remains a serious and open security problem due to the fact that the current Internet implements no source address authentication mechanisms. A series of anti-spoofing practices have long been proposed while their actual implementation seems far from satisfactory. Route based filters were extensively studied in the design of Inter-AS source address validation methods. Traditional route based filters only use route direction information to establish filtering rules, causing inherited fake negatives. A novel inter-AS filter based on route path vector is proposed to reduce or even eliminate such fake negatives in this article. We name the filter IPVF (Inter-AS Path Vector Filter), which utilizes the route information of both path and distance, exhibits measurable increase in performance and incurs acceptable additional bandwidth cost. Moreover, traditional route based filtering rules is easy to be deduced by attackers. Since the filtering rules of IPVF could change over time by setting parameters, its actual improvement in performance could be exponentially increased.

查看原文本刊更多论文

as间路径矢量滤波器:消除假阴性

由于当前Internet没有实现源地址认证机制，基于IP欺骗的攻击仍然是一个严重的安全问题。长期以来，人们提出了一系列反欺骗措施，但它们的实际实施似乎远非令人满意。基于路由的过滤器在as间源地址验证方法的设计中得到了广泛的研究。传统的基于路由的过滤器只使用路由方向信息来建立过滤规则，导致继承假阴性。本文提出了一种新的基于路由路径向量的as间滤波器来减少甚至消除这种假负。我们将该滤波器命名为IPVF (Inter-AS Path Vector filter)，它利用了路径和距离的路由信息，在性能上有明显的提高，并产生了可接受的额外带宽成本。此外，传统的基于路由的过滤规则很容易被攻击者推断出来。由于IPVF的过滤规则可以通过设置参数而随时间变化，因此其实际性能的提高可以呈指数级增长。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

The 21st IEEE International Workshop on Local and Metropolitan Area Networks

自引率

0.00%

发文量