Method for verifying intra-domain Internet protocol (IP) source address

A source address and address technology, applied in the Internet field, to achieve the effect of simple implementation and small changes

Active Publication Date: 2010-12-15
TSINGHUA UNIV
View PDF3 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] Therefore, it is necessary to propose an effective technical solution to solve the problem of IP source address verification in the domain under the current IPv6 or IPv4 protocol

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for verifying intra-domain Internet protocol (IP) source address
  • Method for verifying intra-domain Internet protocol (IP) source address
  • Method for verifying intra-domain Internet protocol (IP) source address

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention.

[0024] The solution proposed by the present invention is deployed on network nodes in the domain, such as routers or layer-3 switches. The scheme proposed by the present invention can verify all the source addresses of the prefix granularity of the deployment point, by establishing the mapping relationship between the source address prefix and the destination address prefix and the interface entering the deployment node, and converting this mapping relationship into Access- list is configured in the ACL of the deployment node to verify t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method for verifying an intra-domain Internet protocol (IP) source address. The method comprises the following steps of: establishing a prefix of the source address, a prefix of a destination address and a mapping relation table which is called filter database (FTDB) in the invention of an inbound interface by a central controller; converting the mapping relational table which is called filter database (FTDB) in the invention into an access list and configuring the access list in an access control list (ACL) of a node; and filtering a false source address message passing through the node through the ACL by the node. In the scheme provided by the invention, the message is checked and verified by recording the source address, the destination address and an inlet port, so that the problem of the verification of the intra-domain IP source address under the conventional Ipv6 or Ipv4 protocol is solved.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular, the invention relates to a method for verifying an IP source address in a domain. Background technique [0002] With the changes in the Internet usage environment, the defects of Internet technology are gradually being exposed, among which the authenticity of the source address is not guaranteed is an important issue. At the beginning of the Internet, it was mainly used for academic purposes. At that time, it was assumed that all devices in the network were trustworthy, so the authenticity of the source address was not verified during the packet forwarding process. In the current complex Internet environment, this kind of universal trustworthiness of network devices has long since ceased to exist. On the contrary, each device may forge its source address to achieve special purposes. Today, it is very common to forge source addresses to aid in launching cyber attacks. [0003...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/56H04L45/74H04L45/748
Inventor 毕军姚广王军涛肖佩瑶胡虹雨
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap