EVASIVE INTERNET: REDUCING INTERNET VULNERABILITY THROUGH TRANSIENT DESTINATION CONTROLLED ADDRESSING

Author (s) : Dr.K.Swathi, S.Bhuvaneswari

---

Abstract :
The current Internet architecture allows hosts to send arbitrary IP packets across a network, which may not reflect valid source address information. IP spoofing and denial-of-service attacks are widespread. Filtering techniques are not sufficient to defend against these attacks. The current Internet design calls for in-network certification of addresses and provenance of traffic they generate. This paper proposes a capability-based architecture, coined as Evasive Internet Protocol (EIP), to overcome these issues by introducing transient addresses as an alternative to IP addresses to reach a particular destination. In this architecture, the destination can only be reached through a valid capability. The aim of this paper is to implement EIP for end hosts and measure its performance compared to existing Internet protocols. The paper presents the design of EIP, including the transient address format, the capability management protocol, and the in-network enforcement mechanism. The paper also presents the implementation of EIP for end hosts and the performance evaluation results. The experimental results show that EIP can effectively defend against IP spoofing and denial-of-service attacks. EIP also has good performance, with low overhead and high throughput.

Keywords : Evasive Internet Protocol, transient addresses, capability management protocol, in-network enforcement, IP spoofing, denial-of-service attacks

Conference Date : 13/11/2020

Pages : 187

Paper ID : 20187