NAT++: An Efficient Micro-NAT Architecture for Solving IP-Spoofing Attacks in a Corporate Network-Reference-Cited by-同舟云学术

NAT++: An Efficient Micro-NAT Architecture for Solving IP-Spoofing Attacks in a Corporate Network

Published:2020-09-14 Issue:9 Volume:9 Page:1510
ISSN:2079-9292
Container-title:Electronics
language:en
Short-container-title:Electronics

Author:

Veeraraghavan Prakash^ORCID,Hanna Dalal^ORCID,Pardede Eric^ORCID

Abstract

The Internet Protocol (IP) version 4 (IPv4) has several known vulnerabilities. One of the important vulnerabilities is that the protocol does not validate the correctness of the source address carried in an IP packet. Users with malicious intentions may take advantage of this vulnerability and launch various attacks against a target host or a network. These attacks are popularly known as IP Address Spoofing attacks. One of the classical IP-spoofing attacks that cost several million dollars worldwide is the DNS-amplification attack. Currently, the availability of solutions is limited, proprietary, expensive, and requires expertise. The Internet is subjected to several other forms of amplification attacks happening every day. Even though IP-Spoofing is one of the well-researched areas since 2005, there is no holistic solution available to solve this problem from the gross-root. Also, every solution assumes that the attackers are always from outside networks. In this paper, we provide an efficient and scalable solution to solve the IP-Spoofing problem that arises from malicious or compromised inside hosts. We use a modified form of Network Address Translation (NAT) to build our solution framework. We call our framework as NAT++. The proposed infrastructure is robust, crypto-free, and easy to implement. Our simulation results have shown that the proposed NAT++ infrastructure does not consume more than the resources required by a simple NAT.

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering

Link

https://www.mdpi.com/2079-9292/9/9/1510/pdf

Reference25 articles.

1. IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6;Graziani,2017

2. Google IPv6 Statisticshttps://www.google.com/intl/en/ipv6/statistics.html

3. BGP Table Datahttps://bgp.potaroo.net/index-bgp.html

4. Here’s How Much Money a Business Should Expect to Lose If They’re Hit with a DDoS Attackhttps://www.techrepublic.com/article/heres-how-much-money-a-business-should-expect-to-lose-if-theyre-hit-with-a-ddos-attack/

5. Cyber Security Market Size, Share & Trends Analysis Report, by Component, by Security Type, by Solution, by Service, by Deployment, by Organization, by Application, by Region, and Segment Forecasts, 2020–2027, Grandview Research (June 2020)https://www.grandviewresearch.com/industry-analysis/cyber-security-market

Cited by 5 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Network Intrusion Detection to Mitigate Jamming and Spoofing Attacks Using Federated Leading;Advances in Logistics, Operations, and Management Science;2023-12-29

2. Key Observation to Prevent IP Spoofing in DDoS Attack on Cloud Environment;Soft Computing: Theories and Applications;2023

3. Hybrid Security Mechanism to Enhance the Security and Performance of IoT System;2021 IEEE International Conference on Technology, Research, and Innovation for Betterment of Society (TRIBES);2021-12-17

4. Emerging IoT Applications in Sustainable Smart Cities for COVID-19: Network Security and Data Preservation Challenges with Future Directions;Sustainable Cities and Society;2021-12

5. Virtual IP-Based Secure Gatekeeper System for Internet of Things;Sensors;2020-12-23