Design and implementation of a real-time decentralized source identification system for untrusted IP packets

Ho-Yen Chang,P. Chen,A. Hayatnagarrear,R. Narayan,P. Sheth,N. Vo,C. L. Wu,Shyhtsun Felix Wu,L Zhang,X Zhang,Fengmin Gong,F. Jou,C. Sargor,X. Wu

Design and implementation of a real-time decentralized source identification system for untrusted IP packets

2000

Ho-Yen Chang
P. Chen
A. Hayatnagarrear
R. Narayan
P. Sheth
N. Vo
C. L. Wu
Shyhtsun Felix Wu
L Zhang
X Zhang
Fengmin Gong
F. Jou
C. Sargor
X. Wu

DECIDUOUS is a security management framework for identifying the "true" sources of network-based intrusions. As in IPv4, normally the source IP address field of an IP packet is untrusted. Therefore, DECIDUOUS utilizes the IPSec security associations as "trapdoors" to derive possible network paths that an attack packet has traveled to reach the target victim. In (Chang et al., 1999), we illustrated the architecture and design of the DECIDUOUS framework. In this paper, we describe our prototype implementation and experimental results.

Keywords:

Internet security
Security Parameter Index
IPsec
Covert channel
Network security policy
Computer network
IP tunnel
Security information and event management
Distributed computing
Computer science
Network packet
Network Access Control

Correction
Source
Cite
Save
Machine Reading By IdeaReader

References

Citations