Skip to Main Content
In order to prevent malicious attacks using spoofed source addresses, a hierarchical source address validation (HSAV) technique based on cryptographically generated address is presented. In HSAV, the IP addresses are generated using hash algorithm, called hierarchical hash based address (HHBA). HSAV is divided into two levels. The one is subnet layer validation, and the other is AS-layer validation. At each layer, part of the HHBA will be validated by the HSAV-complaint network nodes. The experimental system shows that this technique can validate the source addresses of data packets with a low cost.