UAS: Universal anti-spoofing by incorporating existing mechanisms

Hyok An, Heejo Lee, Adrian Perrig

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

IP spoofing is attractive to amplify network attacks and to provide anonymity. Many approaches have been proposed to prevent IP spoofing attacks; however, they do not address a significant deployment issue: filtering inefficiency caused by lack of incentives for early adopters. Practically, no mechanism has been widely deployed and none successfully blocks IP spoofing attacks. We propose a universal anti-spoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that ascertains whether a packet is spoofed or not, and inscribes this information in the packet header. The edge routers at a victim network can estimate the forgery of a packet based on the information sent by the upstream routers. The results of experiments conducted with Internet topologies indicate that UAS reduces false alarms up to 84.5% compared to cases where each mechanism operates separately. Our evaluation shows that incorporating multiple anti-spoofing mechanisms reduces false alarms significantly.

Original language: English
Title of host publication: Proceedings - Conference on Local Computer Networks, LCN
Publisher: IEEE Computer Society
Pages: 316-319
Number of pages: 4
ISBN (Print): 9781479905379
DOIs: https://doi.org/10.1109/LCN.2013.6761258
Publication status: Published - 2013 Jan 1
Event: 38th Annual IEEE Conference on Local Computer Networks, LCN 2013 - Sydney, NSW, Australia
Duration: 2013 Oct 21 to 2013 Oct 24

Other

Other: 38th Annual IEEE Conference on Local Computer Networks, LCN 2013
Country: Australia
City: Sydney, NSW
Period: 13/10/21 to 13/10/24

Fingerprint

Routers
Topology
Internet
Experiments

Keywords

  • DDoS attacks
  • IP spoofing prevention
  • Network security
  • packet filtering
  • packet marking

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture

Cite this

An, H., Lee, H., & Perrig, A. (2013). UAS: Universal anti-spoofing by incorporating existing mechanisms. In Proceedings - Conference on Local Computer Networks, LCN (pp. 316-319). [6761258] IEEE Computer Society. https://doi.org/10.1109/LCN.2013.6761258

@inproceedings{fec9b6ec496e4532bbcd425e37fd17c7,
title = "UAS: Universal anti-spoofing by incorporating existing mechanisms",
abstract = "IP spoofing is attractive to amplify network attacks and to provide anonymity. Many approaches have been proposed to prevent IP spoofing attacks; however, they do not address a significant deployment issue: filtering inefficiency caused by lack of incentives for early adopters. Practically, no mechanism has been widely deployed and none successfully blocks IP spoofing attacks. We propose a universal anti-spoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that ascertains whether a packet is spoofed or not, and inscribes this information in the packet header. The edge routers at a victim network can estimate the forgery of a packet based on the information sent by the upstream routers. The results of experiments conducted with Internet topologies indicate that UAS reduces false alarms up to 84.5{\%} compared to cases where each mechanism operates separately. Our evaluation shows that incorporating multiple anti-spoofing mechanisms reduces false alarms significantly.",
keywords = "DDoS attacks, IP spoofing prevention, Network security, packet filtering, packet marking",
author = "Hyok An and Heejo Lee and Adrian Perrig",
year = "2013",
month = "1",
day = "1",
doi = "10.1109/LCN.2013.6761258",
language = "English",
isbn = "9781479905379",
pages = "316--319",
booktitle = "Proceedings - Conference on Local Computer Networks, LCN",
publisher = "IEEE Computer Society",

}

TY - GEN

T1 - UAS

T2 - Universal anti-spoofing by incorporating existing mechanisms

AU - An, Hyok

AU - Lee, Heejo

AU - Perrig, Adrian

PY - 2013/1/1

Y1 - 2013/1/1

N2 - IP spoofing is attractive to amplify network attacks and to provide anonymity. Many approaches have been proposed to prevent IP spoofing attacks; however, they do not address a significant deployment issue: filtering inefficiency caused by lack of incentives for early adopters. Practically, no mechanism has been widely deployed and none successfully blocks IP spoofing attacks. We propose a universal anti-spoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that ascertains whether a packet is spoofed or not, and inscribes this information in the packet header. The edge routers at a victim network can estimate the forgery of a packet based on the information sent by the upstream routers. The results of experiments conducted with Internet topologies indicate that UAS reduces false alarms up to 84.5% compared to cases where each mechanism operates separately. Our evaluation shows that incorporating multiple anti-spoofing mechanisms reduces false alarms significantly.

KW - DDoS attacks

KW - IP spoofing prevention

KW - Network security

KW - packet filtering

KW - packet marking

UR - http://www.scopus.com/inward/record.url?scp=84898020330&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84898020330&partnerID=8YFLogxK

U2 - 10.1109/LCN.2013.6761258

DO - 10.1109/LCN.2013.6761258

M3 - Conference contribution

AN - SCOPUS:84898020330

SN - 9781479905379

SP - 316

EP - 319

BT - Proceedings - Conference on Local Computer Networks, LCN

PB - IEEE Computer Society

ER -