Deployability Evaluation Model And Method Design For Inter-domain Source Address Validation On The Internet

Posted on: 2015-09-28
Degree: Doctor
Type: Dissertation
Country: China
Candidate: B Y Liu
GTID: 1228330452469330
Subject: Computer Science and Technology
Abstract/Summary:
On the current Internet, IP source address spoofing is widely used in network attacks to hide attack sources or achieve special attack effects, which tremendously threatens network security, damages network trust infrastructure, disturbs network management, and impedes network innovation and development. Inter-domain source address validation methods suppress spoofed traffic in the network by enhancing domain-level source address genuineness. In the last ten years, although many inter-domain source address validation methods have been proposed, and some of them have been implemented in routers, none of them has been sufficiently deployed. The deployment ratio has not improved for years, and spoofing attacks are becoming more and more serious. To promote deployment and application, this thesis is dedicated to research on the deployability issues of inter-domain source address validation methods. Starting from the deployers' pursuit of profit, this thesis proposes deployability evaluation criteria, establishes evaluation models, evaluates existing validation methods, summarizes design principles for validation methods, designs highly deployable validation methods, and implements and deploys one of them on the real Internet.

The main content is as follows.

1. The deployability evaluation criteria and evaluation models of inter-domain source address validation methods are proposed. From the deployers' perspective, deployment benefit, deployment cost and operation risk are defined as the three deployment criteria. The rationality of the criteria is proved using economic theory. Quantitative evaluation models are established for the three criteria, and their correctness is verified.

2. The deployability measures of existing inter-domain source address validation methods are evaluated. Based on the proposed evaluation models, with real Internet data, the deployment benefit, deployment cost, and operation risk of existing validation methods are assessed. With an innovative categorization of the methods, the deployability characteristics of each category are summarized.

3. The design goals, feasible design space, and design principles of inter-domain source address validation methods are proposed. With theoretical analysis, Pareto optimal validation methods in the multi-objective optimization are taken as the design goals. Given practical demands, low operation risk is fixed as a requirement, so that the number of dimensions of the design space can be reduced. The feasible design space is stated, and the locations and characteristics of the Pareto optimal solutions are depicted. The design principles of validation methods are summarized, which guide the design of the following Pareto optimal validation methods.

4. A low-risk and low-cost mutual end-based filtering method (MIEF) is proposed. MIEF is based on the existing end-based filtering techniques that have already been implemented in routers so as to realize both low risk and low cost, and MIEF enhances deployment benefits through mutual help between deployers. The control system, accounting system and data plane optimization algorithms are designed, and the deployability measures are evaluated.

5. A low-risk and high-benefit inter-domain collaborative defense system (ICS) is proposed. ICS utilizes both end-based and end-to-end-based protection functions and establishes an inter-domain collaboration alliance to achieve both low risk and high benefit, and ICS lowers cost with on-demand defense. The protection functions, control system and data plane protocols are designed, and the deployability measures are evaluated. The system is implemented and deployed in a large-scale production network.
Keywords/Search Tags: source address validation, deployability, evaluation model, Internet