NAT++: An Efficient Micro-NAT Architecture for Solving IP-Spoofing Attacks in a Corporate Network

Prakash Veeraraghavan,Eric Pardede,Dalal Hanna

doi:10.3390/electronics9091510

Prakash Veeraraghavan, Eric Pardede + Show 1 more

Open Access

https://doi.org/10.3390/electronics9091510

Copy DOI

Journal: Electronics	Publication Date: Sep 14, 2020
Citations: 5	License type: CC BY 4.0

Affiliation: La Trobe University

Abstract

The Internet Protocol (IP) version 4 (IPv4) has several known vulnerabilities. One of the important vulnerabilities is that the protocol does not validate the correctness of the source address carried in an IP packet. Users with malicious intentions may take advantage of this vulnerability and launch various attacks against a target host or a network. These attacks are popularly known as IP Address Spoofing attacks. One of the classical IP-spoofing attacks that cost several million dollars worldwide is the DNS-amplification attack. Currently, the availability of solutions is limited, proprietary, expensive, and requires expertise. The Internet is subjected to several other forms of amplification attacks happening every day. Even though IP-Spoofing is one of the well-researched areas since 2005, there is no holistic solution available to solve this problem from the gross-root. Also, every solution assumes that the attackers are always from outside networks. In this paper, we provide an efficient and scalable solution to solve the IP-Spoofing problem that arises from malicious or compromised inside hosts. We use a modified form of Network Address Translation (NAT) to build our solution framework. We call our framework as NAT++. The proposed infrastructure is robust, crypto-free, and easy to implement. Our simulation results have shown that the proposed NAT++ infrastructure does not consume more than the resources required by a simple NAT.

Highlights

The Internet Protocol (IP) version 6 (IPv6) was developed by the Internet Engineering Task Force (IETF) and was ratified as an Internet Standard in 2017
In our earlier paper [7], we introduce the PrECast infrastructure for a corporate network that solves various poisoning problem that leads to the Man-in-the-middle (MITM) attack in a Local Area
We provide a detailed overview of the Network Address Translation (NAT)++ architecture and how NAT++ can be integrated with the PrECast infrastructure to eliminate several attacks that are due to the two important vulnerabilities mentioned in this paper

Summary

Introduction

The Internet Protocol (IP) version 6 (IPv6) was developed by the Internet Engineering Task Force (IETF) and was ratified as an Internet Standard in 2017. Until today, only 15% of Internet traffic is due to IPv6 [1]. Of its users are using IPv6 addresses [2]. As of today, the Internet Protocol (IP) version 4 (IPv4) is the most deployed Internet protocol. Users with malicious intentions may take advantage of this vulnerability and launch various attacks against a target host or a network. This attack is popularly known as IP-Address

Methods

Results

Conclusion