Using Symmetric Routers that Limit Source Address Area to Enhance Overall Security of the Internet
スポンサーリンク
概要
- 論文の詳細を見る
The source IP address of IP packets used for DOS attacks and/or illegal conduct in the Internet is, in most cases, anonymous or a random number. We call it the 'secret IP address to the Internet' in that such IP addresses are not informed in advance to the ISP (Internet service provider) that offers Internet service to the user. This paper provides techniques to enhance the overall security of the Internet! it shows how to block IP packets transferred in the Internet that have secret source IP addresses. To achieve this goal, the authors discuss an Internet whose edge routers accept as input only IP packets with non-secret IP addresses. The routers deal with source IP address and destination address in a symmetrical manner for routing control (symmetric routing). We further consider how to easily switch to the IPv6 address system from the current IPv4 system.
- 社団法人電子情報通信学会の論文
- 2004-05-14
著者
-
Furukawa Hisao
The Distribution Systems Research Institute
-
Furukawa H
The Distribution Systems Research Institute
-
Miyaguchi S
Shibaura Institute Of Technology
-
Miyaguchi Shoji
Shibaura Institute of Technology
-
古川 久夫
The Distribution Systems Research Institute
-
宮口 庄司
Shibaura Institute of Technology
関連論文
- IP core network, overlay network and communication service (4) Unneeded virtual network operator, virtual ISP network and improving structure of NGN (ネットワークシステム)
- IP core network, overlay network and communication service (3) Building virtual networks over carrier's network and management of quality control (ネットワークシステム)
- IP core network, overlay network and communication service (2) How to build virtual networks for services including telephony and services on the internet (ネットワークシステム)
- IP core network, overlay network and communication service (4) : Unneeded virtual network operator, Virtual ISP network and Improving structure of NGN
- Using Symmetric Routers that Limit Source Address Area to Enhance Overall Security of the Internet
- IP core network, overlay network and communication service (5) : A step towards future network that provides virtual networks
- VPN-based future internet that prevents routing table size explosion (1) ID/locator separation realized by IP encapsulation (情報ネットワーク)
- Considerations on How to Extend IP based Next Generation Mobile Networks (IP^2) to a Network that could provide Fixed Telecommunications and IP-VPNs
- Discussion (1) on common core packet network: how to install mobile communication service and virtual dedicated circuit service in NGN core network (ネットワークシステム)
- VPN-based Future Internet that prevents routing table size explosion (3) : ISP networks built over one or more carrier networks
- VPN-based future internet that prevents routing table size explosion (2) Original ID/locator separation, network framework consisting of regional networks (ネットワークシステム)
- VPN-based Future Internet that prevents routing table size explosion (4) : Network framework consisting of regional networks, A new IP packet virtually upward compatible with IPv4
- Large-scale network that provides overlay networks for communication services : En-/de-capsulation, New routing architecture and new IP packet with 48-bit address (情報ネットワーク)
- Routing Architecture for Capsulation network : Smart embodiment of ID/locator Separation (情報ネットワーク)