Enabling Efficient Source and Path Verification via Probabilistic Packet Marking

Bo Wu, Ke Xu, Qi Li, Zhuotao Liu, Yih Chun Hu, Martin J. Reed, Meng Shen, Fan Yang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The Internet lacks verification of source authenticity and path compliance between the planned packet delivery paths and the real delivery paths, which allows attackers to construct attacks like source spoofing and traffic hijacking attacks. Thus, it is essential to enable source and path verification in networks to detect forwarding anomalies and ensure correct packet delivery. However, most of the existing security mechanisms can only capture anomalies but are unable to locate the detected anomalies. Besides, they incur significant computation and communication overhead, which exacerbates the packet delivery performance. In this paper, we propose a high-efficient packet forwarding verification mechanism called PPV for networks, which verifies packet source and their forwarding paths in real time. PPV enables probabilistic packet marking in routers instead of verifying all packets. Thus, it can efficiently identify forwarding anomalies by verifying markings. Moreover, it localizes packet forwarding anomalies, e.g., malicious routers, by reconstructing packet forwarding paths based on the packet markings. We implement PPV prototype in Click routers and commodity servers, and conducts real experiments in a real testbed built upon the prototype. The experimental results demonstrate the efficiency and performance of PPV. In particular, PPV significantly improves the throughput and the goodput of forwarding verification, and achieves around 2 times and 3 times improvement compared with the-state-of-art OPT scheme, respectively.

Original languageEnglish (US)
Title of host publication2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538625422
DOIs
StatePublished - Jan 22 2019
Event26th IEEE/ACM International Symposium on Quality of Service, IWQoS 2018 - Banff, Canada
Duration: Jun 4 2018Jun 6 2018

Publication series

Name2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018

Conference

Conference26th IEEE/ACM International Symposium on Quality of Service, IWQoS 2018
CountryCanada
CityBanff
Period6/4/186/6/18

Keywords

  • Fault Localization
  • Source and Path Verification

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Management of Technology and Innovation
  • Computer Networks and Communications
  • Media Technology

Fingerprint Dive into the research topics of 'Enabling Efficient Source and Path Verification via Probabilistic Packet Marking'. Together they form a unique fingerprint.

  • Cite this

    Wu, B., Xu, K., Li, Q., Liu, Z., Hu, Y. C., Reed, M. J., Shen, M., & Yang, F. (2019). Enabling Efficient Source and Path Verification via Probabilistic Packet Marking. In 2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018 [8624169] (2018 IEEE/ACM 26th International Symposium on Quality of Service, IWQoS 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/IWQoS.2018.8624169