Review of Internet Inter-Domain IP Source Address Validation Technology
Author:
Affiliation:

Clc Number:

Fund Project:

National Natural Science Foundation of China (61772307, 61402257); National Basic Research Program of China (973) (2009CB320500, 2009CB320501); Tsinghua University Self-Determined Project (2014z21051)

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
  • |
  • Materials
  • |
  • Comments
    Abstract:

    The current Internet is based on the destination address forwarding in which the source address remains unverified. However, one of the root causes of Internet security problems is the untrustworthy source address. As the Internet plays an increasingly important role in political and economic fields, the security of the Inter-domain Internet becomes more crucial. For instance, the US Department of Homeland Security (DHS) has included the Inter-domain routing security in the national strategy of US information security. In recent years, innovation and evolution of the Internet are significantly undermined by the IP spoofing based distributed denial of service attacks, most of which are Inter-domain and transnational. Therefore, the Inter-domain source address validation becomes extremely important for Internet security. Although there are many techniques proposed in the relevant fields, none of them are appropriate for large-scale deployment. This paper reviews the existing research and standard progress of Inter-domain source address validation technology. First, the reasons and consequences of the lack of source address security are analyzed, and the significance of source address validation is illustrated by examining the progress of the technical standardization. Next, the advantages and disadvantages of various existing important source address validation methods are summarized. Then, the difficulties and challenges faced by the current Inter-domain source address validation technology are discussed. Finally, the prospective research directions and design principles are proposed as a reference for potential future works.

    Reference
    Related
    Cited by
Get Citation

贾溢豪,任罡,刘莹.互联网自治域间IP源地址验证技术综述.软件学报,2018,29(1):176-195

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:March 16,2016
  • Revised:March 27,2017
  • Adopted:
  • Online: July 20,2017
  • Published:
You are the firstVisitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063