Presentation 2009-06-19
Validation of packet origin using public route information
Meidai SAITO, Keisuke ISHIBASHI,
PDF Download Page PDF download Page Link
Abstract(in Japanese) (See Japanese page)
Abstract(in English) uRPF is widely used technology to filter source IP spoofed packets, using route information. With uRPF filtering, a router automatically update filtering rules based on its route information and does not require operators' manual change. However, uRPF, specifically strict mode, has a drawback in that it may incorrectly detect packets as spoofed, when route is asymmetric, i.e., the route from the sender and the routes to the sender are different each other. This is due to the fact that uRPF uses the local (received router's own) route information. In this paper, we propose a method to filter using global route information. Here, global means that route information of sender routers. Generally, however, route information of sender routers' are not available. Thus, we use public available route information provided by Route Views project, and estimate the route information of sender routers. We verify 82% ASs can be validated using this estimation.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) IP Spoofing / uRPF / Filtering / BGP
Paper # IA2009-14,ICSS2009-22
Date of Issue

Conference Information
Committee IA
Conference Date 2009/6/11(1days)
Place (in Japanese) (See Japanese page)
Place (in English)
Topics (in Japanese) (See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To Internet Architecture(IA)
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) Validation of packet origin using public route information
Sub Title (in English)
Keyword(1) IP Spoofing
Keyword(2) uRPF
Keyword(3) Filtering
Keyword(4) BGP
1st Author's Name Meidai SAITO
1st Author's Affiliation National Police Academy, Police Info-Communications Research Center()
2nd Author's Name Keisuke ISHIBASHI
2nd Author's Affiliation NTT Information Sharing Platform Laboratories, NTT Corporation
Date 2009-06-19
Paper # IA2009-14,ICSS2009-22
Volume (vol) vol.109
Number (no) 85
Page pp.pp.-
#Pages 6
Date of Issue