Title :
Source address validation solution with OpenFlow/NOX architecture
Author :
Yao, Guang ; Bi, Jun ; Xiao, Peiyao
Author_Institution :
Network Res. Center, Tsinghua Univ., Beijing, China
Abstract :
Current Internet is lack of validation on source IP address, resulting in many security threats. The future Internet can face the similar routing locator spoofing problem without careful design. The current in-progress source address validation standard, i.e., SAVI, is not of enough protection due to the solution space constraint. In this article, a mechanism named VAVE is proposed to improve the SAVI solutions. VAVE employs OpenFlow protocol, which provides the de facto standard network innovation interface, to solve source address validation problem with a global view. Significant improvements can be found from our evaluation results.
Keywords :
IP networks; Internet; routing protocols; telecommunication security; OpenFlow protocol; OpenFlow-NOX architecture; SAVI; VAVE mechanism; de facto standard network innovation interface; future Internet; routing locator spoofing problem; security threat; solution space constraint; source IP address; source address validation solution; Filtering; IP networks; Internet; Routing; Routing protocols; Switches; IP source address validation; OpenFlow;
Conference_Titel :
Network Protocols (ICNP), 2011 19th IEEE International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4577-1392-7
DOI :
10.1109/ICNP.2011.6089085