Prevent IP Spoofing Based On Link State Database (pisl)
draft-bi-savi-pisl-00
Document | Type |
Withdrawn by Submitter Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Jun Bi , Baobao Zhang, Bingyang Liu , Fred Baker | ||
Last updated | 2012-07-11 (Latest revision 2012-05-31) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Withdrawn by Submitter | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The Internet is suffering from severe DoS and DDoS attacks, and IP spoofing is one common used method to do DoS and DDoS attacks. IP spoofing refers to that attackers send packets with forged source IP addresses. In this memo, we propose one new approach of preventing IP spoofing, which we name PISL. The PISL-enabled router generates the incoming table for source addresses using link state database, which exists in two most widely used intra-domain protocols: OSPF and IS-IS. In this memo, we only describe PISL in the OSPF environment. The PISL-enabled router determines that a packet is spoofed if the packet arrives at an invalid incoming interface. PISL only uses the existing information and does not impose new control messages, so it is easy to be deployed. We have conducted simple simulation, which shows the high effectiveness of PISL: even if PISL is only deployed in 10% of all OSPF routers in a network, 80%~99% of spoofing cases in the network can be detected. Requirements
Authors
Jun Bi
Baobao Zhang
Bingyang Liu
Fred Baker
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)