Dan Li is currently a full professor in the Department of Computer Science, Tsinghua University. His main research area is Trustworthy Internet, network intelligence and data center networking. He has published more than 100 referred papers, including top conferences such as SIGCOMM, NSDI, Neurips and top journals such as ToN.
SAVNET: Towards More Accurate and More Inentive Source Address Validation in the Internet.
Source address spoofing is one of the major security threats in the Internet. Attackers can easily carry out reflection attacks, and hide themselves behind the forged source address. The current practice of source address validation (SAV) mechanism in the Internet, namely, uRPF based technology, not only suffers from validation inaccuracy in routing asymmetry scenarios, but also lacks incentive for early adopters. We propose SAVNET, a more accurate and more incentive SAV mechanism in the Internet. The basic idea of SAVNET is to accurately discover the real data forwarding path by exchanging necessary information among routers and ASes. SAVNET can be realized by extending existing intra-domain and inter-domain routing protocols.