Clip 2/6 Speaker: Jelena Mirkovic · University of Delaware IP spoofing accompanies many malicious activities and is even means for performing reflector DDoS attacks. Route-based filtering (RBF) enables a router to filter spoofed packets based on their incoming interface - this information is stored in an incoming table. Packets arriving on the expected incoming interface for their source address are considered legitimate, while all the other packets are filtered as spoofed. Past research has shown that RBF can be very effective when deployed at the vertex cover of the Internet AS-map (about 1500 ASes) but no practical approach has been proposed for incoming table construction. We first show that RBF achieves high effectiveness even if the number of deploying points is very small (30 chosen deployment points reduce the amount of the spoofed Internet traffic to 5%). We further show that completeness of the incoming tables is critical for filtering effectiveness - partially full tables are as good as empty. This implies that routers cannot rely on reports of a few participating domains to build their incoming tables, but instead must devise means of accurately "guessing" incoming interface information for all traffic they see. Their guessing strategy must quickly react to offending traffic and determine with high accuracy whether the reason for the offense was a route change (in which case incoming interface information must be updated) or spoofing. We next propose a ...
Used Frigidaire Stove Wholesale Big Tree Futons Best Prices Baby Jogger City Elite 2010
No comments:
Post a Comment