English

Source Address Validation

Networking and Internet Architecture 2023-01-25 v1
Authors: Maciej Korczyński , Yevheniya Nosyk
View on arXiv PDF DOI

Abstract

Source address validation (SAV) is a standard formalized in RFC 2827 aimed at discarding packets with spoofed source IP addresses. The absence of SAV has been known as a root cause of reflection distributed denial-of-service (DDoS) attacks. Outbound SAV (oSAV): filtering applied at the network edge to traffic coming from inside the customer network to the outside. Inbound SAV (iSAV): filtering applied at the network edge to traffic coming from the outside to the customer network.

Cite

@article{arxiv.2301.09952,
  title  = {Source Address Validation},
  author = {Maciej Korczyński and Yevheniya Nosyk},
  journal= {arXiv preprint arXiv:2301.09952},
  year   = {2023}
}

Comments

arXiv admin note: substantial text overlap with arXiv:2006.05277, arXiv:2002.00441

Related papers

View all related →
Networking and Internet Architecture · Computer Science
The Closed Resolver Project: Measuring the Deployment of Source Address Validation of Inbound Traffic
Yevheniya Nosyk, Maciej Korczyński, Qasim Lone, Marcin Skwarek +2
2023-03-29
Networking and Internet Architecture · Computer Science
Don't Forget to Lock the Front Door! Inferring the Deployment of Source Address Validation of Inbound Traffic
Maciej Korczyński, Yevheniya Nosyk, Qasim Lone, Marcin Skwarek +2
2020-03-31
Cryptography and Security · Computer Science
Detecting Distributed Denial of Service Attacks Using Logistic Regression and SVM Methods
Mohammad Arafat Ullah, Arthy Anjum, Rashedul Amin Tuhin, Shamim Akhter
2024-11-25
Networking and Internet Architecture · Computer Science
Routing-Verification-as-a-Service (RVaaS): Trustworthy Routing Despite Insecure Providers
Liron Schiff, Kashyap Thimmaraju, Stefan Schmid
2016-09-09
Cryptography and Security · Computer Science
A Survey of Distributed Denial of Service Attacks and Defenses
Rajat Tandon
2020-08-05
Cryptography and Security · Computer Science
Review of syn-flooding attack detection mechanism
Mehdi Ebady Manna, Angela Amphawan
2012-02-09
Cryptography and Security · Computer Science
Formal Analysis of an Authentication Protocol Against External Cloud-Based Denial-of-Service (DoS) Attack
Marwan Darwish, Abdelkader Ouda, Luiz Fernando Capretz
2017-11-29
Cryptography and Security · Computer Science
Deep Learning-Based Out-of-distribution Source Code Data Identification: How Far Have We Gone?
Van Nguyen, Xingliang Yuan, Tingmin Wu, Surya Nepal +2
2024-04-16
Networking and Internet Architecture · Computer Science
A Reproducibility Study of "IP Spoofing Detection in Inter-Domain Traffic"
Jasper Eumann, Raphael Hiesgen, Thomas C. Schmidt, Matthias Wählisch
2021-10-05
Networking and Internet Architecture · Computer Science
A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)
Quamar Niyaz, Weiqing Sun, Ahmad Y Javaid
2018-01-03
Cryptography and Security · Computer Science
DDoS Attack Detection Method Based on Network Abnormal Behavior in Big Data Environment
Jing Chen, Xiangyan Tang, Jieren Cheng, Fengkai Wang +1
2019-03-29
Cryptography and Security · Computer Science
Exception Agent Detection System for IP Spoofing Over Online Environments
Al-Sammarraie Hosam, Adli Mustafa, Shakeel Ahmad, Merza Abbas
2009-11-04
Cryptography and Security · Computer Science
Detecting DDoS Attack on SDN Due to Vulnerabilities in OpenFlow
Sarwan Ali, Maria Khalid Alvi, Safi Faizullah, Muhammad Asad Khan +2
2020-02-04
Networking and Internet Architecture · Computer Science
Packet Score based network security and Traffic Optimization
k. Saravanan, S. Karthik
2012-02-10
Networking and Internet Architecture · Computer Science
Amplification and DRDoS Attack Defense -- A Survey and New Perspectives
Fabrice J. Ryba, Matthew Orlinski, Matthias Wählisch, Christian Rossow +1
2016-08-08
Networking and Internet Architecture · Computer Science
Software-Defined Adversarial Trajectory Sampling
Kashyap Thimmaraju, Liron Schiff, Stefan Schmid
2017-05-02
Cryptography and Security · Computer Science
A Robust Mechanism for Defending Distributed Denial OF Service Attacks on Web Servers
Jaydip Sen
2011-03-18
Networking and Internet Architecture · Computer Science
TARN: A SDN-based Traffic Analysis Resistant Network Architecture
Lu Yu, Qing Wang, Geddings Barrineau, Jon Oakley +2
2018-04-06
Cryptography and Security · Computer Science
A Flow is a Stream of Packets: A Stream-Structured Data Approach for DDoS Detection
Raja Giryes, Lior Shafir, Avishai Wool
2024-05-14
Cryptography and Security · Computer Science
Defending Root DNS Servers Against DDoS Using Layered Defenses
A S M Rizvi, Jelena Mirkovic, John Heidemann, Wesley Hardaker +1
2022-09-16
Networking and Internet Architecture · Computer Science
Active Internet Traffic Filtering: Real-time Response to Denial of Service Attacks
Katerina J. Argyraki, David R. Cheriton
2012-10-26
Cryptography and Security · Computer Science
An Efficient Detection Mechanism for Distributed Denial of Service (DDoS) Attack
Saravanan Kumarasamy, Dr. R. Asokan
2013-02-22
Cryptography and Security · Computer Science
Dynamic and Auto Responsive Solution for Distributed Denial-of-Service Attacks Detection in ISP Network
B. B. Gupta, R. C. Joshi, Manoj Misra
2012-04-26
Cryptography and Security · Computer Science
SDN-Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks
Pedro Manso, Jose Moura, Carlos Serrao
2021-04-16
Cryptography and Security · Computer Science
DDoSDet: An approach to Detect DDoS attacks using Neural Networks
Aman Rangapur, Tarun Kanakam, Ajith Jubilson
2022-01-25
R2 v1 2026-06-28T08:18:33.930Z