{"title":"基于路径反向散射沉默的源地址验证过滤部署推演","authors":"S. Saurabh, A. Sairam","doi":"10.1109/NCC.2018.8600212","DOIUrl":null,"url":null,"abstract":"IP source spoofing is a consequence of lack of packet level authentication in the Internet which allows attackers to carry out Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. Source address validation filtering is one of the most important scheme that is deployed in the Internet to deter such attacks by filtering the spoofed IP packets. In this paper, we propose a novel scheme to study the deployment of source address validation-filtering by using some special path backscatter messages that are generated by the spoofed traffic. We use the long term absence of such messages from an Autonomous System (AS) to classify it as non-spoofer AS. We use Caida's backscatter dataset for our study. We provide the list of spoofer and non-spoofer ASes from the given dataset. We also provide detailed mathematical analysis for calculating the amount of time we need to wait before declaring an AS as a non-spoofer. Besides, we use the normal approximation of binomial distribution to calculate confidence interval for the proportion of ASes allowing spoofing and to test the hypothesis regarding the spoofing activity in the Internet.","PeriodicalId":121544,"journal":{"name":"2018 Twenty Fourth National Conference on Communications (NCC)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Inferring the Deployment of Source Address Validation Filtering using Silence of Path-Backscatter\",\"authors\":\"S. Saurabh, A. Sairam\",\"doi\":\"10.1109/NCC.2018.8600212\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IP source spoofing is a consequence of lack of packet level authentication in the Internet which allows attackers to carry out Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. Source address validation filtering is one of the most important scheme that is deployed in the Internet to deter such attacks by filtering the spoofed IP packets. In this paper, we propose a novel scheme to study the deployment of source address validation-filtering by using some special path backscatter messages that are generated by the spoofed traffic. We use the long term absence of such messages from an Autonomous System (AS) to classify it as non-spoofer AS. We use Caida's backscatter dataset for our study. We provide the list of spoofer and non-spoofer ASes from the given dataset. We also provide detailed mathematical analysis for calculating the amount of time we need to wait before declaring an AS as a non-spoofer. Besides, we use the normal approximation of binomial distribution to calculate confidence interval for the proportion of ASes allowing spoofing and to test the hypothesis regarding the spoofing activity in the Internet.\",\"PeriodicalId\":121544,\"journal\":{\"name\":\"2018 Twenty Fourth National Conference on Communications (NCC)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 Twenty Fourth National Conference on Communications (NCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NCC.2018.8600212\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 Twenty Fourth National Conference on Communications (NCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NCC.2018.8600212","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Inferring the Deployment of Source Address Validation Filtering using Silence of Path-Backscatter
IP source spoofing is a consequence of lack of packet level authentication in the Internet which allows attackers to carry out Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. Source address validation filtering is one of the most important scheme that is deployed in the Internet to deter such attacks by filtering the spoofed IP packets. In this paper, we propose a novel scheme to study the deployment of source address validation-filtering by using some special path backscatter messages that are generated by the spoofed traffic. We use the long term absence of such messages from an Autonomous System (AS) to classify it as non-spoofer AS. We use Caida's backscatter dataset for our study. We provide the list of spoofer and non-spoofer ASes from the given dataset. We also provide detailed mathematical analysis for calculating the amount of time we need to wait before declaring an AS as a non-spoofer. Besides, we use the normal approximation of binomial distribution to calculate confidence interval for the proportion of ASes allowing spoofing and to test the hypothesis regarding the spoofing activity in the Internet.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
