Unlock instant, AI-driven research and patent intelligence for your innovation.

Distributed generation method and device of source address verification table in Internet domain

A technology of verifying table and source address, applied in the field of network security, it can solve the problems of wrong judgment, high communication overhead, inconsistent verification state and actual routing state, etc., and achieve the effect of low correctness

Active Publication Date: 2021-11-30
TSINGHUA UNIV +2
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the complexity of intra-domain routing policies, intra-domain routing asymmetry will lead to inconsistencies between the verification status and the actual routing status, which will lead to serious misjudgments
Although SAVE guarantees the correctness of source address verification, there is high communication overhead, which brings great pressure to the intra-domain network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed generation method and device of source address verification table in Internet domain
  • Distributed generation method and device of source address verification table in Internet domain
  • Distributed generation method and device of source address verification table in Internet domain

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0046] The purpose of the present invention is to design a distributed generation protocol of the source address verification table in the Internet domain, through the form of propagating detection messages between neighboring routers in the domain, the source address verification table is distributedly generated on the router, and the routing structure in any domain The correctness of the verification and the low overhead of the protocol communication are achieved.

[0047] The idea of ​​the method proposed by the present invent...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention proposes a distributed generation method and device for a source address verification table in an Internet domain, wherein the method includes: the router in the domain generates an original DPP message according to the local forwarding table; the router in the domain sends the original DPP message to a neighbor router; Generate a source address verification table according to the received original DPP message, and relay the DPP message. Therefore, by disseminating DPP messages between neighboring routers, the source address verification table is distributedly generated on the routers, and the correctness of verification and the low overhead of protocol communication can be realized under any intra-domain routing architecture.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a distributed generation method and device for a source address verification table in an Internet domain. Background technique [0002] The source address verification table in the domain contains the mapping relationship between the source address in the domain and the incoming interface of the group. By querying the local source address verification table, the router in the domain can verify the validity of the incoming interface of the packet according to the source address of the packet. Therefore, the intra-domain source address verification table can be used to detect forged intra-domain source addresses, create multicast spanning trees, and verify network correctness. [0003] Currently the most commonly used source address verification method, uRPF, uses a reverse lookup of the local forwarding table instead of creating an independent source address verification...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/741H04L12/751H04L29/06H04L45/74H04L45/02
CPCH04L45/74H04L45/745H04L45/02H04L63/12
Inventor 李丹秦澜城吴建平顾钰楠司宪超常向青林涛
Owner TSINGHUA UNIV