Yangyang Wu,Changsong Jiang,Chunxiang Xu,Kefei Chen

DOI: https://doi.org/10.1109/tifs.2021.3101043

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:We analyze a path validation scheme with constant-size proof (published in IEEE Transactions on Information Forensics and Security) and demonstrate that this scheme fails to achieve unforgeability. An adversary can forge a valid proof with a non-negligible probability.

Qi XIE,XiuYuan YU,WenHao LIU,DeRen CHEN,GuiLin WANG,JiYi WU

DOI: https://doi.org/10.1360/112011-915

2012-01-01

Scientia Sinica Informationis

Abstract:Mutual authentication between the user and the public cloud is essential requirement for the user to access the public cloud in cloud computing. In 2011, Juang et al. proposed a first authentication scheme based on proxy signature. The advantage of the scheme is that the user only needs to register on his home service cloud (HSC), and can pass through the authentication of the public cloud with the help of his HSC. However, their scheme has three weaknesses: 1) the users HSC needs to update the users public key in each session to protect the users privacy; 2) HSC may suffer from network jam when many users in the same HSC need to register on different public clouds simultaneously; and 3) a secret key should be shared between HSC and visiting cloud. To overcome these weaknesses, a provably secure convertible proxy signcryption for privacy preserving is proposed. Based on this scheme, a novel one-round authentication protocol is proposed, which the user only needs to register on his HSC, and can pass through the authentication of the visiting cloud without the help of his HSC. On the other hand, the proposed protocol can provide some nice properties, such as user privacy protection, non-repudiation, without updating the users public key, and secret key does not have to be shared between HSC and visiting cloud. In addition, the proposed scheme is provably secure in the random oracle model, and is more efficient than Juang et al.s scheme.

Anxiao He,Jiandong Fu,Kai Bu,Ruiqi Zhou,Chenlu Miao,Kui Ren

DOI: https://doi.org/10.14722/ndss.2024.23104

2024-01-01

Abstract:Path validation has long been explored as a fundamental solution to secure future Internet architectures.It enables end-hosts to specify forwarding paths for their traffic and to verify whether the traffic follows the specified paths.In comparison with the current Internet architecture that keeps packet forwarding uncontrolled and transparent to end-hosts, path validation benefits end-hosts with flexibility, security, and privacy.The key design enforces routers to embed their credentials into cryptographic proofs in packet headers.Such proofs require sufficiently complex computation to guarantee unforgeability.This imposes an inevitable barrier on validation efficiency for a single packet.In this paper, we propose aggregate validation to implement path validation in a group-wise way.Amortizing overhead across packets in a group, aggregate validation promises higher validation efficiency without sacrificing security.We implement aggregation validation through Symphony, with various design techniques integrated and security properties formally proved.In comparison with state-of-the-art EPIC, Symphony speeds up packet processing by 3.78×∼18.40×and increases communication throughput by 1.13×∼6.11×.

Jiliang Li,Yuan Su,Rongxing Lu,Zhou Su,Weizhi Meng,Meng Shen

DOI: https://doi.org/10.1109/tdsc.2024.3392299

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Network path validation aims to give more control over the forwarding path of data packets in a path-aware network, which shields the network from security threats and allows end hosts to receive better services. Therefore, network path validation becomes a vital primitive for secure and reliable Internet services in the next generation networks. The path validation enables end hosts and intermediate router nodes to check whether a packet has followed the intended path. However, the existing solutions fail to protect path privacy and incur significant bandwidth and computation overhead on packet transferring, which degrades packet delivery performance. In this paper, we propose the StealthPath to protect path privacy and improve delivery efficiency. Firstly, StealthPath uses lightweight cryptographic primitives to generate nested proofs and ensures all nodes on the path to check the compliance of the forwarding path efficiently. Secondly, StealthPath hides the forwarding path in the proofs and reduces the proof size from linear to constant, which protects the path information and path length, and decreases the bandwidth consumption. Moreover, StealthPath allows on-path nodes to extract their proofs and the next hop address from proof without leaking on-path node index. Finally, StealthPath is proved to resist various attacks and preserves the path privacy. The experiments show that StealthPath saves nearly 60% header size and bandwidth, and is more efficient than state-of-the-art schemes.

Fan Yang,Ke Xu,Qi Li,Rongxing Lu,Bo Wu,Tong Zhang,Yi Zhao,Meng Shen

DOI: https://doi.org/10.1109/iwqos49365.2020.9213001

2020-01-01

Abstract:No matter from the perspective of detection or defense, source and path validations are fundamentally primitive in constructing security mechanisms to greatly enhance network immunity in the face of malicious attacks, such as injection, traffic hijacking and hidden threats. However, existing works for source and path verification still impose a non-trivial operational overhead and lack adjustment capability for path dynamic changes. In this paper, we propose a flexible and convenient source and path validation protocol called PSVM, which uses an authentication structure PIC composed of ordered pieces to carry out packet verification. Specifically, in the basic PSVM protocol, PIC (related to cryptographic computation) in the packet header does not require any update during packet verification, which thus enables a lower processing overhead in routers. To cope with the challenge of path policy changes in the running protocol, the dynamic PSVM protocol supports controllable adjustment and migration, especially in the case of avoiding a malicious node or region. Our evaluation of a prototype experiment on Click demonstrates that the verification efficiency of PSVM is barely influenced by payload size or path length. Compared to the baseline of normal IP routing, the throughput reduction ratio of the basic PSVM is about 13%, which is much better than 28% of existing best solution Origin and Path Trace (OPT). In addition, for a 35-hop path with 30 pieces of PIC needed to be adjusted in dynamic PSVM, the throughput reduction ratio of routing cross node performing the adjustment operation after normal verification is only 2.4%.

Anxiao He,Kai Bu,Jiongrui Huang,Yifei Pang,Qianping Gu,Kui Ren

DOI: https://doi.org/10.1109/tdsc.2023.3315457

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Path validation promises a necessary security add-on for future Internet architectures. It authenticates not only source identities but also the exact path where a packet forwards through. This offers users more flexibility and reliability in network services. Most existing solutions focus on single-path validation that pre-correlates a packet to a specific forwarding path. However, parallel transmissions in multipath routing tend to induce bursty traffic that is hardly validated in time by existing solutions. In this paper, we present SwiftParade as the first attempt toward anti-burst multipath validation. It proposes a composite validation technique that can simultaneously validate a group of packets likely from multiple different paths. This helps to amortize the validation overhead across packets of the entire group instead of imposing the validation overhead equally on every packet. To implement composite validation, SwiftParade further explores a noncommutative homomorphic asymmetric encryption scheme. We prove effectiveness and security of SwiftParade through theoretical analysis. We also conduct extensive experiments to evaluate SwiftParade performance. The results show that SwiftParade offers high efficiency and applicability to multipath validation with complex routing topologies. In comparison with the state-of-the-art multipath validation solution—Atlas, SwiftParade speeds up packet processing by 2.5× $\sim 8.3\times$ and increases communication throughput by 2.8× $\sim 10.2\times$ .

Fan Zhang,Philip Daian,Iddo Bentov

2018-01-01

Abstract:Conventional (M,N )-threshold signature schemes leave users with a painful choice. SettingM = N offers maximum resistance to key compromise. With this choice, though, loss of a single key renders the signing capability unavailable, creating paralysis in systems that use signatures for access control. Lower M improves availability, but at the expense of security. For example, a (3, 3)-multisignature cryptocurrency wallet experiences access-control paralysis upon loss of a single key, but a (2, 3)-multisig allows any two players to collude and steal funds from the third. In this paper, we introduce techniques that address this impasse by making general cryptographic access structures dynamic. Our schemes permit, e.g., a (3, 3)-multisig, to be downgraded to a (2, 3)multisig if a player goes missing. This downgrading is secure in the sense that it occurs only if a player is provably unavailable. Our main tool is what we call a Paralysis Proof, evidence that players, i.e., key holders, are unavailable or incapacitated. Using Paralysis Proofs, we show how to construct a Dynamic Access Structure System, which can securely and flexibly update target access structures without a trusted third party such as a system administrator. We present DASS constructions that combine a trust anchor (a trusted execution environment or smart contract) with a censorshipresistant channel in the form of a blockchain. We offer a formal framework for specifying DASS policies, and define and show how to achieve critical security and usability properties (safety, liveness, and paralysis-freeness) in a DASS. Paralysis Proofs can help address pervasive key-management challenges in many different settings. We present DASS schemes for three important example use cases: recovery of cryptocurrency funds should players become unavailable, returning funds to users when cryptocurrency custodians fail, and remediating critical smartcontract failures such as frozen funds. We report on practical implementations for Bitcoin and Ethereum.

Kai Bu,Yingjiu Li

DOI: https://doi.org/10.1109/tifs.2017.2768022

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Path authentication thwarts counterfeits in RFIDbased supply chains. Its motivation is that tagged products taking invalid paths are likely faked and injected by adversaries at certain supply chain partners/steps. Existing solutions are pathgrained in that they simply regard a product as genuine if it takes any valid path. Furthermore, they enforce distributed authentication by offloading the sets of valid paths to some or all steps from a centralized issuer. This not only imposes network and storage overhead but also leaks transaction privacy. We present STEPAUTH, the first step-grained path authentication protocol that is practically efficient for authenticating products with strict path bindings. We encode a path into a secret with minimum path visibility disclosure between adjacent steps. Carrying the secret, a product has to go through steps in the exact order as in the designated path to pass authentication. STEPAUTH enforces no tag computation and enables each step to locally verify path secrets without pre-offloaded valid-path sets. Toward an even higher security guarantee, STEPAUTH can hinder an adversary capable of compromising all steps from forging valid secrets. We make STEPAUTH practically efficient by taking advantage of nested encryption and hybrid encryption. To achieve a 128-b security for a practically long path of 100 steps, STEPAUTH generates a secret around 10 KB, which can be well supported by high-memory EPC Gen2 tags. Such secrets take STEPAUTH less than 1 s to encode and around 10 ms to verify.

Binanda Sengupta,Yingjiu Li,Kai Bu,Robert H. Deng

DOI: https://doi.org/10.1145/3372046

IF: 5.3

2020-01-01

ACM Transactions on Internet Technology

Abstract:The end-users communicating over a network path currently have no control over the path. For a better quality of service, the source node often opts for a superior (or premium) network path to send packets to the destination node. However, the current Internet architecture provides no assurance that the packets indeed follow the designated path. Network path validation schemes address this issue and enable each node present on a network path to validate whether each packet has followed the specific path so far. In this work, we introduce two notions of privacy-path privacy and Index privacy-in the context of network path validation. We show that, in case a network path validation scheme does not satisfy these two properties, the scheme is vulnerable to certain practical attacks (that affect the privacy, reliability, neutrality and quality of service offered by the underlying network). To the best of our knowledge, ours is the first work that addresses privacy issues related to network path validation. We design PrivNPV, a privacy-preserving network path validation protocol, that satisfies both path privacy and index privacy. We discuss several attacks related to network path validation and how PrivNPV defends against these attacks. Finally, we discuss the practicality of PrivNPV based on relevant parameters.

Kai Bu,Yutian Yang,Avery Laird,Jiaqing Luo,Yingjiu Li,Kui Ren

DOI: https://doi.org/10.48550/arXiv.1804.03385

2018-04-10

Networking and Internet Architecture

Abstract:Validating network paths taken by packets is critical for a secure Internet architecture. Any feasible solution must both enforce packet forwarding along endhost-specified paths and verify whether packets have taken those paths. However, neither enforcement nor verification is supported by the current Internet. Due likely to a long-standing confusion between routing and forwarding, only limited solutions for path validation exist in the literature. This survey article aims to reinvigorate research in to the significant and essential topic of path validation. It crystallizes not only how path validation works but also where seemingly qualified solutions fall short. The analyses explore future research directions in path validation toward improving security, privacy, and efficiency.

Lin Ma,Kai Bu,Ningchao Wu,Tianxiang Luo,Kui Ren

DOI: https://doi.org/10.1016/j.comnet.2020.107224

IF: 5.493

2020-01-01

Computer Networks

Abstract:As an indispensable feature for future secure Internet, path validation verifies whether packets follow specified paths. Existing solutions, however, cannot apply to multipath routing with practical efficiency. Multipath routing may proliferate an exponential scale path choice and the source may not know which path will be followed by a packet as a priori knowledge. In this paper, we design and implement Atlas as the first protocol for efficient multipath validation. It makes a leap in efficiency by two newly proposed techniques—hierarchical validation and tagged pruning. Hierarchical validation divides multipath into non-overlapping segments. We need to compute the path credential for each segment only once no matter how many paths it may co-locate. Furthermore, tagged pruning labels each segment with a unique tag. A router can directly identify the credential field to validate and delete credentials of unused paths. This further accelerates validation and saves bandwidth. Furthermore, we explore two efficiency enhancements—low-level credential elimination and used credential elimination—to improve Atlas scalability. We validate the practicality and applicability of Atlas over a recent topology measurement of Internet2’s IP Network. To validate the performance of Atlas and the enhancements, we implement Atlas using the Click modular router. Experiment results show that compact Atlas headers enable large-scale multipath validation without breaching the MTU limit. Atlas thus invigorates multipath validation practicality.

Songtao Fu,Qi Li,Min Zhu,Xiaoliang Wang,Su Yao,Yangfei Guo,Xinle Du,Ke Xu

DOI: https://doi.org/10.1109/iwqos52092.2021.9521345

2023-01-01

IEEE/ACM Transactions on Networking

Abstract:The source and path verification in Path-Aware Networking considers the two critical issues: (1) end hosts could verify that the network follows their forwarding decisions, and (2) both on-path routers and destination host could authenticate the source of packets and filter the malicious traffic. Unfortunately, the state-of-the-art mechanisms require heavy communication overhead in the network and computation overhead in the router; moreover, it is difficult to meet the dynamic requirements of the end host. We propose a user-driven mechanism, source and path verification based on Multi-AS-Key (MASK). MASK decreases the communication overhead by a short additional packet header and reduces the computation overhead by separating the control and data plane in terms of the cryptographic operation. Furthermore, it utilizes the stateful user to instruct the stateless routers to process the packet with a user-driven policy, thus satisfying the user’s requirements such as detecting the packet drop and replay attack. With the plausible design, the communication overhead for realistic path lengths is 1/2 to 1/10 compared with the state-of-the-art mechanisms. We implement MASK in the BMv2 environment and commodity Barefoot Tofino programmable switch, testify that MASK introduces significantly less overhead than the state-of-the-art mechanisms, and demonstrate that MASK could achieve the verification in the programmable switch at line rate.

Kai Bu,Avery Laird,Yutian Yang,Linfeng Cheng,Jiaqing Luo,Yingjiu Li,Kui Ren

DOI: https://doi.org/10.1145/3409796

IF: 16.6

2020-01-01

ACM Computing Surveys

Abstract:Validating the network paths taken by packets is critical in constructing a secure Internet architecture. Any feasible solution must both enforce packet forwarding along end-host specified paths and verify whether packets have taken those paths. However, the current Internet supports neither enforcement nor verification. Likely due to the radical changes to the Internet architecture and a long-standing confusion between routing and forwarding, only limited solutions for path validation exist in the literature. This survey article aims to reinvigorate research on the essential topic of path validation by crystallizing not only how path validation works but also where seemingly qualified solutions fall short. The analyses explore future research directions in path validation aimed at improving security, privacy, and efficiency.

Ee-Chien Chang,Jia Xu

DOI: https://doi.org/10.1007/978-3-540-88313-5_15

2008-01-01

Abstract:We are interested in this problem: a verifier, with a small and reliable storage, wants to periodically check whether a remote server is keeping a large file x. A dishonest server, by adapting the challenges and responses, tries to discard partial information of x and yet evades detection. Besides the security requirements, there are considerations on communication, storage size and computation time. Juels et al. [10] gave a security model for Proof of Retrievability (\documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{POR}$\end{document}) system. The model imposes a requirement that the original x can be recovered from multiple challenges-responses. Such requirement is not necessary in our problem. Hence, we propose an alternative security model for Remote Integrity Check (\documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{RIC}$\end{document}). We study a few schemes and analyze their efficiency and security. In particular, we prove the security of a proposed scheme HENC. This scheme can be deployed as a \documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{POR}$\end{document} system and it also serves as an example of an effective \documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{POR}$\end{document} system whose “extraction” is not verifiable. We also propose a combination of the RSA-based scheme by Filho et al. [7] and the ECC-based authenticator by Naor et al. [12], which achieves good asymptotic performance. This scheme is not a \documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{POR}$\end{document} system and seems to be a secure \documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{RIC}$\end{document}. In-so-far, all schemes that have been proven secure can also be adopted as \documentclass[12pt]{minimal}\usepackage{amsmath}\usepackage{wasysym}\usepackage{amsfonts}\usepackage{amssymb}\usepackage{amsbsy}\usepackage{mathrsfs}\usepackage{upgreek}\setlength{\oddsidemargin}{-69pt}\begin{document}$\mathcal{POR}$\end{document} systems. This brings out the question of whether there are fundamental differences between the two models. To highlight the differences, we introduce a notion, trap-door compression, that captures a property on compressibility.

Ting Chen,Huiqun Yu,Wei Chen

DOI: https://doi.org/10.1109/NSWCTC.2010.67

2010-01-01

Abstract:One of the objectives of trusted computing is to provide remote attestation method that is able to confirm the status of remote platform or application. Existing property-based attestation is based on the strong-RSA assumption and the required key length is too long. What's more, a considerable number of RSA-length operations having to be performed which lead to low computational efficiency. Bilinear parings-Based Attestation model, which based on elliptic curve discrete logarithm bilinear paring, can shorten the required key length and reduce bandwidth usage at the same premise of safety performance requirements, as well as ensure platform configurations not to be exposed to the platform while improving operating efficiency. On the other hand, the model includes many trusted computing platform parameters in order to resist replay attacks, and take use of information hiding technology to hide certificates and effectively preventing anyone with a source of certificate misuse of the certificate.

Yi Wu,Wei Zhang,Hu Xiong,Zhiguang Qin,Kuo-Hui Yeh

DOI: https://doi.org/10.1007/s11042-021-11286-0

IF: 2.577

2021-01-01

Multimedia Tools and Applications

Abstract:With the universality and availability of Internet of Things (IoT), data privacy protection in IoT has become a hot issue. As a branch of attribute-based encryption (ABE), ciphertext policy attribute-based encryption (CP-ABE) is widely used in IoT to offer flexible one-to-many encryption. However, in IoT, different mobile devices share messages collected, transmission of large amounts of data brings huge burdens to mobile devices. Efficiency is a bottleneck which restricts the wide application and adoption of CP-ABE in Internet of things. Besides, the decryption key in CP-ABE is shared by multiple users with the same attribute, once the key disclosure occurs, it is non-trivial for the system to tell who maliciously leaked the key. Moreover, if the malicious mobile device is not revoked in time, more security threats will be brought to the system. These problems hinder the application of CP-ABE in IoT. Motivated by the actual need, a scheme called traceable and revocable ciphertext policy attribute-based encryption scheme with constant-size ciphertext and key is proposed in this paper. Compared with the existing schemes, our proposed scheme has the following advantages: (1) Malicious users can be traced; (2) Users exiting the system and misbehaving users are revoked in time, so that they no longer have access to the encrypted data stored in the cloud server; (3) Constant-size ciphertext and key not only improve the efficiency of transmission, but also greatly reduce the time spent on decryption operation; (4) The storage overhead for traceability is constant. Finally, the formal security proof and experiment has been conducted to demonstrate the feasibility of our scheme.

Yang Xu,Quanrun Zeng,Ju Ren,Yaoxue Zhang,Guojun Wang,Hao Min

DOI: https://doi.org/10.1109/smartworld.2018.00331

2018-01-01

Abstract:The wide use of network computing technologies has promoted the popularity of outsourced storage services. Meanwhile, the provable data possession (PDP) techniques are widely studied as the outsourcing storage servers are not always trustworthy and dependable in maintaining the outsourced data. However, most existing PDP solutions are either costly for the current Internet of things (IoT) devices, or vulnerable to spoofing attacks. In this paper, we propose a succinct anti-spoofing provable data possession scheme for lightweight clients in network computing. We employ the basic integrity comparison-based verification to fit for the resource-constrained verifiers, and propose a random sentinel metadata setup mechanism and the true-fake blended challenge scheme to improve the robustness against spoofing attacks of untrusted servers. The analyses reveal that our approach is effective in data possession verification with the robustness against spoofing attacks, while the overhead on the verifier side is low.

Jie Li,Jianping Wu,Ke Xu

DOI: https://doi.org/10.1109/glocom.2011.6133740

2012-01-01

Chinese Journal of Computers

Abstract:Next generation Internet is highly concerned with the issue of trustworthy. An important foundation of trustworthy is authentication of the source IP address. With existing signature-and-verification based defense mechanisms, there is a lack of hierarchical architecture, which makes the structure of the trust alliance excessively flat and single. Moreover, with the increasing scale of trust alliances, costs of validation grow so quickly that they do not adapt to incremental deployment. Via comparison with traditional solutions, this article proposes a hierarchical, inter-domain authenticated source address validation solution named SafeZone. SafeZone employs two intelligent designs: lightweight tag replacement and a hierarchical partitioning scheme, each of which helps to ensure that SafeZone can construct trustworthy and hierarchical trust alliances without the negative influences and complex operations on de facto networks. Extensive experiments also indicate that SafeZone can effectively obtain the design goals of a hierarchical architecture, along with lightweight, loose coupling and "multi-fence support" as well as supporting incremental deployment.

Chaowen Guan,Kui Ren,Fangguo Zhang,Florian Kerschbaum,Jia Yu

DOI: https://doi.org/10.1007/978-3-319-24174-6_11

2015-01-01

Abstract:Proofs-of-Retrievability enables a client to store his data on a cloud server so that he executes an efficient auditing protocol to check that the server possesses all of his data in the future. During an audit, the server must maintain full knowledge of the client's data to pass, even though only a few blocks of the data need to be accessed. Since the first work by Juels and Kaliski, many PoR schemes have been proposed and some of them can support dynamic updates. However, all the existing works that achieve public verifiability are built upon traditional public-key cryptosystems which imposes a relatively high computational burden on low-power clients (e.g., mobile devices).In this work we explore indistinguishability obfuscation for building a Proof-of-Retrievability scheme that provides public verification while the encryption is based on symmetric key primitives. The resulting scheme offers light-weight storing and proving at the expense of longer verification. This could be useful in apations where outsourcing files is usually done by low-power client and verifications can be done by well equipped machines (e.g., a third party server). We also show that the proposed scheme can support dynamic updates. At last, for better assessing our proposed scheme, we give a performance analysis of our scheme and a comparison with several other existing schemes which demonstrates that our scheme achieves better performance on the data owner side and the server side.

Wenlong Chen,Xiaolin Wang,Xiaoliang Wang,Ke Xu,Sushu Guo

DOI: https://doi.org/10.1109/jsyst.2022.3165826

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:The correctness of user traffic forwarding paths is an important goal of trusted transmission. Many network security issues are related to it, i.e., denial-of-service attacks, route hijacking, etc. The current path-aware network architecture can effectively overcome this issue through path verification. At present, the main problems of path verification are high communication and high computation overhead. To this aim, this article proposes a lightweight real-time verification mechanism of intradomain forwarding paths in autonomous systems to achieve a path verification architecture with no communication overhead and low computing overhead. The problem situation is that a packet finally reaches the destination, but its forwarding path is inconsistent with the expected path. The expected path refers to the packet forwarding path determined by the interior gateway protocols. If the actual forwarding path is different from the expected one, it is regarded as an incorrect forwarding path. This article focuses on the most typical intradomain routing environment. A few routers are set as the verification routers to block the traffic with incorrect forwarding paths and raise alerts. Experiments prove that this article effectively solves the problem of path verification and the problem of high communication and computing overhead.