A hierarchical source address validation technique based on cryptographically generated address

Author

Tan, Pengxu ; Chen, Yue ; Jia, Hongyong ; Mao, Jiangdong

Author_Institution

Zhengzhou Inst. of Inf. Sci. & Technol., Zhengzhou, China

Volume

2

fYear

2011

fDate

10-12 June 2011

Firstpage

33

Lastpage

37

Abstract

In order to prevent malicious attacks using spoofed source addresses, a hierarchical source address validation (HSAV) technique based on cryptographically generated address is presented. In HSAV, the IP addresses are generated using hash algorithm, called hierarchical hash based address (HHBA). HSAV is divided into two levels. The one is subnet layer validation, and the other is AS-layer validation. At each layer, part of the HHBA will be validated by the HSAV-complaint network nodes. The experimental system shows that this technique can validate the source addresses of data packets with a low cost.

Keywords

IP networks; cryptography; telecommunication security; AS-layer validation; HHBA; HSAV technique; HSAV-complaint network node; IP address; cryptographically generated address; data packet; hash algorithm; hierarchical hash based address; hierarchical source address validation; malicious attack; spoofed source address; subnet layer validation; Databases; IP networks; Internet; Protocols; Security; Servers; Switches; cryptographically generated address; hash algorithm; hierarchical hash based address; network code; source address validation;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Science and Automation Engineering (CSAE), 2011 IEEE International Conference on

Conference_Location

Shanghai

Print_ISBN

978-1-4244-8727-1

Type

conf

DOI

10.1109/CSAE.2011.5952417

Filename

5952417