Title :
A hierarchical source address validation technique based on cryptographically generated address
Author :
Tan, Pengxu ; Chen, Yue ; Jia, Hongyong ; Mao, Jiangdong
Author_Institution :
Zhengzhou Inst. of Inf. Sci. & Technol., Zhengzhou, China
Abstract :
In order to prevent malicious attacks using spoofed source addresses, a hierarchical source address validation (HSAV) technique based on cryptographically generated address is presented. In HSAV, the IP addresses are generated using hash algorithm, called hierarchical hash based address (HHBA). HSAV is divided into two levels. The one is subnet layer validation, and the other is AS-layer validation. At each layer, part of the HHBA will be validated by the HSAV-complaint network nodes. The experimental system shows that this technique can validate the source addresses of data packets with a low cost.
Keywords :
IP networks; cryptography; telecommunication security; AS-layer validation; HHBA; HSAV technique; HSAV-complaint network node; IP address; cryptographically generated address; data packet; hash algorithm; hierarchical hash based address; hierarchical source address validation; malicious attack; spoofed source address; subnet layer validation; Databases; IP networks; Internet; Protocols; Security; Servers; Switches; cryptographically generated address; hash algorithm; hierarchical hash based address; network code; source address validation;
Conference_Titel :
Computer Science and Automation Engineering (CSAE), 2011 IEEE International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-8727-1
DOI :
10.1109/CSAE.2011.5952417
