Experience with SPM in IPv6

Authors:
Mingjiang Ye;Jianping Wu;Miao Zhang
Affiliations:
Department of Computer Science, Tsinghua University, Beijing, 100084, P.R. China;Department of Computer Science, Tsinghua University, Beijing, 100084, P.R. China;Department of Computer Science, Tsinghua University, Beijing, 100084, P.R. China
Venue:
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part IV: ICCS 2007
Year:
2007

Citing 4
Cited 0

Pi: A Path Identification Mechanism to Defend against DDoS Attacks

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Analysis of a Denial of Service Attack on TCP

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Hop-count filtering: an effective defense against spoofed DDoS traffic

Proceedings of the 10th ACM conference on Computer and communications security
The spoofer project: inferring the extent of source address filtering on the internet

SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

The lack of source IP address checking makes it easy for the attackers to spoof the source address. Spoofing Prevention Method (SPM), as a prospective candidate to be deployed in the Internet, is a newly proposed scheme to solve this problem. However, there is no work on SPM prototype system. In this paper, we present our experience in achieving a prototype system for SPM. In addition to realizing the basic idea of SPM described in the original paper, we make the following three contributions: First, the detail design is made for the whole SPM system architecture and detail mechanisms. Second, several important issues for SPM system are addressed, e.g., how to carry the key required by SPM, the MTU problem, etc. Third, a prototype system is made and some experiments are done with this prototype system.