LISP; Mapping System; Amplification; IP Spoofing; DoS
Abstract :
[en] There is a growing interest in solutions relying on the identifier/locator separation paradigm. It introduces several benefits in terms of scalability and flexibility. It relies on two addressing spaces, namely the identifiers, for endpoint identification, and the locators, for packet forwarding. An additional control plane is necessary to map one space to the other.
In this paper, we explore how control messages can be an amplification vector for DoS attacks. We evaluate the possible amplification factor based on a real deployment, showing that the amplification factor exists. We also build a GNS-3 testbed to demonstrate further and analyze the attack.
Disciplines :
Computer science
Author, co-author :
Gabriel, Mattias
Iannone, Luigi
Donnet, Benoît ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Algorithmique des grands systèmes
Language :
English
Title :
LISP Mapping System as DoS Amplification Vector
Publication date :
March 2021
Journal title :
IEEE Networking Letters
eISSN :
2576-3156
Publisher :
Institute of Electrical and Electronics Engineers (IEEE), Piscataway, United States - New Jersey