公开(公告)号：US20130152189A1

公开(公告)日：2013-06-13

申请号：US13687187

申请日：2012-11-28

Applicant: Electronics and Telecommunications Research Institute

Inventor： Sang-Woo LEE ,  Dong IL SEO

IPC: H04L29/06

CPC classification number: H04L63/1408 ,  H04L63/0823 ,  H04L63/101 ,  H04L63/1458 ,  H04L2463/146

Abstract: An authentication apparatus for detecting and preventing a source address spoofing packet, includes a packet reception unit configured to receive a packet from a previous node or a user host; a self-assurance type ID generation unit configured to generate a self-assurance type ID of a source node of the received packet; and a self-assurance type ID verification unit configured to determine whether the source address of the received packet has been spoofed. Further, the authentication apparatus includes a white list storage unit configured to store a reliable source node; a black list storage unit configured to store an unreliable source node; and a packet transmission unit configured to transmit the packet whose source has been verified through the self-assurance type ID verification unit to a next network node.

Abstract translation: 一种用于检测和防止源地址欺骗分组的认证装置，包括：分组接收单元，被配置为从前一个节点或用户主机接收分组; 被配置为生成所接收的分组的源节点的自保证型ID的自保证型ID生成单元; 以及自身类型ID验证单元，被配置为确定所接收的分组的源地址是否已被欺骗。 此外，认证装置包括被配置为存储可靠源节点的白名单存储单元; 配置为存储不可靠源节点的黑名单存储单元; 以及分组发送单元，被配置为将来自已经通过自保证型ID验证单元验证的源的分组发送到下一个网络节点。