UAS: Universal anti-spoofing by incorporating existing mechanisms

Hyok An, Heejo Lee, Adrian Perrig

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

IP spoofing is attractive to amplify network attacks and to provide anonymity. Many approaches have to prevent IP spoofing attacks; however, they do not address a significant deployment issue: filtering inefficiency caused by lack of incentives for early adopters. Practically, no mechanism has been widely deployed and none successfully blocks IP spoofing attacks. We propose a universal anti-spoofing (UAS) mechanism that incorporates existing mechanisms to thwart IP spoofing attacks. In the proposed mechanism, intermediate routers utilize any existing anti-spoofing mechanism that ascertains whether a packet is spoofed or not, and inscribes this information in the packet header. The edge routers at a victim network can estimate the forgery of a packet based on the information sent by the upstream routers. The results of experiments conducted with Internet topologies indicate that UAS reduces false alarms up to 84.5% compared to cases where each mechanism operates separately. Our evaluation shows that incorporating multiple anti-spoofing mechanisms reduces false alarms significantly.

Original languageEnglish
Title of host publicationProceedings - Conference on Local Computer Networks, LCN
PublisherIEEE Computer Society
Pages316-319
Number of pages4
ISBN (Print)9781479905379
DOIs
Publication statusPublished - 2013 Jan 1
Event38th Annual IEEE Conference on Local Computer Networks, LCN 2013 - Sydney, NSW, Australia
Duration: 2013 Oct 212013 Oct 24

Other

Other38th Annual IEEE Conference on Local Computer Networks, LCN 2013
CountryAustralia
CitySydney, NSW
Period13/10/2113/10/24

    Fingerprint

Keywords

  • DDoS attacks
  • IP spoofing prevention
  • Network security
  • packet filtering
  • packet marking

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture

Cite this

An, H., Lee, H., & Perrig, A. (2013). UAS: Universal anti-spoofing by incorporating existing mechanisms. In Proceedings - Conference on Local Computer Networks, LCN (pp. 316-319). [6761258] IEEE Computer Society. https://doi.org/10.1109/LCN.2013.6761258