Research

SAVA

SDN

NDN

Routing

 

 

 

 

Recent Research on SAVA (Source Address Validation Architecture) , Anti-Spoofing, and Traceback

 

Research Topics

1.       Architecture and Standard

-        SAVA and SAVI RFCs (IETF SAVI Working Group http://datatracker.ietf.org/wg/savi/documents/)

-        Theoretical Model

-        Anti-spoofing based on SDN Architecture

2.       Source Address Validation and Anti-spoofing Method

-        Inter-domain Source Address Anti-spoofing

-        Intra-domain Anti-spoofing

-        Anti-spoofing in Local Network

-        Trustworthy User ID

-        Anti-SPAM in Instant Messaging

3.       IP Traceback

-        Passive Traceback (by Network Telescope)

-        Active Traceback (by Packet Marking or Sampling)

4.       Testbed and System

-        Large-scale Source Address Validation Testbed

-        Management System and Equipment Implementation (collaborating with vendors)

 

Publications

(Click here to download full papers)

 

1.       Guang Yao, Jun Bi, Athanasios V. Vasilakos, Passive IP Traceback: Disclosing the Locations of IP Spoofers from Path Backscatter, IEEE Transactions on Information Forensics & Security, Vol. 10, No. 3, pp471-484, 2015

2.       Bingyang Liu, Jun Bi, On the Deployability of Inter-AS Spoofing Defenses, IEEE Network, Vol. 29, 2015, accepted

3.       Bingyang Liu, Jun Bi, 互联网域间源地址验证的可部署性评价模型研究(On the Deployability Evaluation Model of Internet Inter-domain Source Address Validation),《计算机学报》(Chinese Journal of Computers), Vol. 38, No.3, pp500-514, 2015

4.       Bingyang Liu, Jun Bi, Athanasios V. Vasilakos, Towards Incentivizing Anti-spoofing Deployment, IEEE Transactions on Information Forensics & Security, Vol. 9, No. 3, pp436-450, 2014

5.       Jun Bi,  IP Source Address Validation Solution with OpenFlow Extension and OpenRouter, Book Chapter as Chapter 3 at Network Innovation through OpenFlow and SDN: Principles and Design, pp41-70, ISBN-13: 978-1466572096, Publisher: CRC Press, New York, USA, February, 2014

6.       Duanqi Zhou, Jun Bi, Guang Yao, 基于IPv6 源地址验证的一种可信身份系统(Trustworthy Identity System based on IPv6 Source Address Validation),《通信学报》(Journal on Communications), Vol. 35, No. Z1, pp20-26, 2014

7.       Baobao Zhang, Jun Bi, Jianping Wu, LAS: An Effective Anti-Spoofing Method Using Existing Information, the 23rd IEEE International Conference on Computer Communications and Networks (ICCCN14), pp333-340, Shanghai, China, 2014

8.       Guang Yao, Jun Bi, Tao Feng, Peiyao Xiao, Duanqi Zhou, Performing Software Defined Route-Based IP Spoofing Filtering with SEFA, the 23rd IEEE International Conference on Computer Communications and Networks (ICCCN14), pp489-496, Shanghai, China, 2014

9.       Jianping Wu, Jun Bi, Marcelo Bagnulo, Fred Baker, Christian Vogt, Source Address Validation Improvement Framework, RFC7039, 2013

10.   Guang Yao, Jun Bi, Peiao Xiao, VASE: Filtering IP Spoofing Traffic with Agility, Computer Networks (Elsevier), Vol.57, No.1, pp243–257, 2013

11.   Hongcheng Tian, Jun Bi, Xiaoke Jiang, An Adaptive Probabilistic Marking Scheme for Fast and Secure Traceback, Networking Science (Springer), published online, in print http://www.springerlink.com/content/l863q68r32367332/

12.    Jie Li, Jun Bi, Jianping Wu, Towards a Cooperative Mechanism based Distributed Source Address Filtering, the 22nd IEEE International Conference on Computer Communications and Networks (ICCCN13), Nassau, Bahamas, 2013

13.   Peiyao Xiao, Jun Bi, Tao Feng, O-CPF: an OpenFlow based Intra-AS Source Address Validation Application, the 8th ACM International Conference on Future Internet Technologies (CFI13), Beijing, China, 2013

14.    Peiyao Xiao, Jun Bi , 基于OpenFlow架构的域内源地址验证方法 (OpenFlow based Intra-AS Source Address Validation), 《小型微型计算机系统》(Journal of  Chinese Computer Systems, Vol.34, No.9, pp1999-2003, 2013

15.    Jun Bi, Jianping Wu, Xing Li, IP源地址验证技术研究进展(Research Progress of IP Source Address Validation, 《互联网IP地址与域名技术发展研究报告》(in: IP Address and Domain Name Technologies Research Report, 2013

16.    Editors: E. Nordmark,M. Bagnulo, E. Levy-Abegnoli, Contributors: Jun Bi, Guang Yao, Fred Baker, FCFS-SAVI: First-Come First-Serve Source-Address Validation for Locally Assigned IPv6 Addresses, RFC6620, 2012

17.    Bingyang Liu, Jun Bi, Xiaowei Yang, FaaS: Filtering IP Spoofing Traffic as a Service, ACM Computer Communication Review, Vol.42,No.4,pp113-114; also in proceedings of ACM SIGCOMM12

18.    Hongcheng Tian, Jun Bi, An Incrementally Deployable Flow-Based Scheme for IP Traceback, IEEE Communications Letters, Vol.16, No.7, pp1140-1143, 2012

19.   Tao Feng, Jun Bi, Hongyu Hu, Guang Yao, Peiyao Xiao, InSAVO: Intra-AS IP Source Address Validation Solution with OpenRouter, the 31st IEEE International Conference on Computer Communications (INFOCOM12), Demo, Orlando, USA, 2012 http://www.ieee-infocom.org/2012/demos.html   (video)

20.    Jie Li, Jun Bi, Jianping Wu, Umbrella: A Routing Choice Feedback Based Distributed Inter-Domain Anti-Spoofing Solution, in proceedings of the 20th IEEE International Conference on Network Protocols (ICNP12), Austin, USA, 2012

21.    Hongcheng Tian, Jun Bi, A Flow-Based Traceback Scheme on an AS-Level Overlay Network, in proceedings of the 32nd IEEE International Conference on Distributed Computing Systems (ICDCS12), pp559-564, Macau, 2012

22.    Jie Li, Jun Bi, Jianping Wu, Wei Zhang, A Multi-Fence Countermeasure Based Inter-domain Source Address Validation Method, the 11th IEEE International Symposium on Network Computing and Applications (NCA12), pp259-262, Cambridge, MA, USA, 2012

23.    Yu Zhu, Jun Bi, Yayuan Sun, A Light-weighted Source Address Validation Method In IPv4/IPv6 Translation, the 7th International Conference on Internet Monitoring and Protection (ICIMP12), pp23-29, Stuttgart, Germany, 2012

24.   Guang Yao, Jun Bi, Peiyao Xiao, Source Address Validation Solution with OpenFlow/NOX Architecture, in proceedings of the 19th IEEE International Conference on Network Protocols (ICNP11), pp7-12, Vancouver, Canada, 2011

25.    Bingyang Liu, Jun Bi, Yu Zhu, A Deployable Approach for Inter-AS Anti-spoofing, in proceedings of the 19th IEEE International Conference on Network Protocols (ICNP11), pp19-24, Vancouver, Canada, 2011

26.    Hongcheng Tian, Jun Bi, Wei Zhang, Xiaoke Jiang, EasyTrace: Easily-Deployable Light-Weight IP Traceback on an AS-Level Overlay Network, in proceedings of the 19th IEEE International Conference on Network Protocols (ICNP11), pp129-130, Vancouver, Canada, 2011

27.   Tao Feng, Jun Bi, Hongyu Hu, OpenRouter: OpenFlow Extension and Implementation Based on a Commercial Router, in proceedings of the 19th IEEE International Conference on Network Protocols (ICNP11), pp141-142, Vancouver, Canada, 2011

28.    Hongcheng Tian, Jun Bi, Xiaoke Jiang, Dekai Wang, Wei Zhang, 一种快速且安全的概率标记追溯技术(Fast and Secure Probabilistic Marking Technology for IP Traceback), 《清华大学学报(自然科学版)》(Journal of Tsinghua University, Vol. 50, No.4, pp542-5472011 

29.    Guang Yao, Jun Bi, Zijian Zhou, Passive IP Traceback: Capturing the Origin of Anonymous Traffic through Network Telescopes, ACM Computer Communication Review, Vol.40,No.4,pp413-414; also in proceedings of ACM SIGCOMM10

30.    Guang Yao, Jun Bi, Sen Wang, Yueran Zhang, Yitian Li, A Pull Model IPv6 Duplicate Address Detection, in proceedings of IEEE Local Computer NetworkLCN10, pp372-375, Denver, USA, 2010

31.    Jun Bi, Ping Hu, Peiguo Li, Study on Classification and Characteristics of Source Address Spoofing Attacks in the Internet, the 9th International Conference on Networking (ICN10), pp226-230, Menuires, France, 2010

32.    Hongcheng Tian, Jun Bi, Xiaoke Jiang, Wei Zhang, A Probabilistic Marking Scheme for Fast Traceback, International Conference on Evolving Internet (INTERNET 2010), pp.137-141, Valencia, Spain, 2010

33.    Jun Bi, Guang Yao, Jianping Wu,一种基于控制报文监听的接入网源地址验证方法(A Control Packet Snooping based Source Address Validation in the Access Network), 《天津大学学报》(Transactions of Tianjin University)Vol.42, Suppl., pp2-9, 2010.

34.    Zhiliang Wang, Jun Bi, Meng Meng, Xia Yin,接入网IPv6源地址验证方案测试(Testing of Source Address Validation Methods in the Access Network),《中南大学学报》(Journal of Central South University of Technology), Vol.41, Suppl., 2010

35.    Jun Bi, A Trust Ranking Method to Prevent IM Spam, IEICE Transactions on Information and Systems (Oxford University Press), Vol.E92-D, No.5, 2009

36.    Jun Bi, Guang Yao, Jianping Wu, An IPv6 Source Address Validation Testbed and Prototype Implementation, Journal of Networks (Academy Publisher),Vol.4, No.2, pp100-107, 2009

37.    Jun Bi, Bingyang Liu,Jianping Wu, Yan Shen, Preventing IP Source Address Spoofing: A Two-Level, State Machine Based Method, Tsinghua Science and Technology, Vol.14, No. 4, pp413-420, 2009

38.    Pingping Lin, Jun Bi, A Novel SeND based Source Address Validation Mechanism (SAVM-SeND), the 9th IEEE International Symposium on Applications and the Internet (SAINT09), pp149-152, Seattle, USA, 2009

39.    Peiguo Li, Jun Bi, Guang Yao, 互联网假冒源地址攻击分类(Classification of Source Address Spoofing in the Internet),《清华大学学报(自然科学版)》(Journal of Tsinghua University, Vol.49, No.8, 2009

40.    Jianping Wu, Jun Bi, Xing Li, Gang Ren, Ke Xu, Mark Williams, A Source Address Validation Architecture (SAVA) Testbed and Deployment Experience, RFC5210, 2008

41.    Jun Bi, Jianping Wu, Wenmao Zhang, A Trust and Reputation based anti-SPIM Method, in proceedings of the 27th IEEE International Conference on Computer Communications (INFOCOM08), pp2485-2493, USA, 2008

42.    Gaung Yao, Jun Bi, A CGA Based IP Source Address Authentication Method in IPv6 Access Network, the 33rd IEEE Conference on Local Computer Networks (LCN08), Canada, 2008

43.    Yan Shen, Jun Bi, Jianping Wu, Qiang Liu, A Two-Level Source Address Spoofing Prevention based on Automatic Signature and Verification Mechanism, the 13th IEEE Symposium on Computers and Communications (ISCC08), 2008

44.    Xiangbin Cheng, Jun Bi, Xing Li, Swing - A Novel Mechanism inspired by Shim6 Address-switch Conception to Limit the Effectiveness of DoS Attacks, the 7th International Conference on Networking (ICN08), Mexico, 2008

45.    Guang Yao, Jun Bi, A Novel Source Address Spoofing Prevention Method for IPv6 Access Network, APAN Network Research Workshop, New Zealand, 2008 (Best Paper Award)

46.    Jun Bi, Jianping Wu, Xing Li, Xiangbin Cheng, An IPv6 Test-bed Implementation for a Future Source Address Validation Architecture, the 4th International Conference on Next Generation Internet Network (NGI08), 2008

47.    Guang Yao, Jun Bi, Design and Implementation of an IPv6 Source Address Validation Device, the 4th International Conference on Networking and Services (ICNS08), 2008

48.    Guang Yao, Jun Bi, 互联网中IP源地址伪造及其防护技术(Source Address Spoofing and Prevention Technologies in Internet,《电信科学》(Telecommunications Science, Vol.24, No.1, pp26-32, 2008. Invited Paper

49.    Jun Bi, Jianping Wu, Xiangbin Cheng, 下一代互联网真实地址寻址技术实现及试验(A Source Address Validation Test-bed in CNGI-CERNET2, 《电信科学》(Telecommunications Science, Vol.24, No.1, pp11-18, 2008. Invited Paper.

50.    Jun Bi, Jianping Wu, Wenmao Zhang, SureMsg: a XMPP-based Security E-mail System, International Journal of Intelligent Information and Database Systems, Vol.1, No.2, pp199-215, 2007

51.    Lizhong Xie, Jun Bi, Jianping Wu, An Authentication based Source Address Spoofing Prevention Method Deployed in IPv6 Edge Network, Lecture Notes in Computer Science (Springer), Vol. 4490, pp801-808, 2007

52.    Jun Bi, Jianping Wu, Application Presence Information based Source Address Transition Detection for Edge Network Security and Management, International Journal of Computer Science and Network Security, VOL.7 No.1, pp147-152, 2007

53.    Yan Shen, Jun Bi, Jianping Wu, Qiang Liu, Automatic Peer-to-Peer Signature for Source Address Validation, Lecture Notes in Artificial Intelligence (Springer), Vol. 4692, pp855-863, 2007

54.    Wenmao Zhang, Jun Bi, Miao Zhang, Zheng Qin, A Trustworthy Email System based on Instant Messaging, Lecture Notes in Computer Science (Springer), Vol. 4439, pp598-609, 2007

55.    Wenmao Zhang, Jun Bi, Jianping Wu, Qiang Liu, An Approach to Optimize Local Trust Algorithm in SureMsg Service, ECSIS Symposium on Bio-inspired, Learning, and Intelligent Systems for Security (BLISS07), Edinburg, UK, 2007

56.    Lei Zhao, Miao Zhang, Jun Bi, Detecting Private Address Space based on Application Layer Information, in proceedings of the 25th IEEE International Conference on Computer Communications (INFOCOM06), Barcelona, Spain, 2006

57.    Jun Bi, Jianping Wu, Miao Zhang, Enable a Trustworthy Network by Source Address Spoofing Prevention Routers: A Formal Description, Lecture Notes in Computer Science (Springer), Vol. 4097, pp681-691, 2006

58.    Jun Bi, Miao Zhang, Lei Zhao,  Security Enhancement by Detecting Network Address Translation Based on Instant Messaging, Lecture Notes in Computer Science (Springer), Vol. 4097, pp962-971, 2006

59.    Jun Bi, Lei Zho, Miao Zhang, Application Presence Fingerprinting for NAT-Aware Router, Lecture Notes in Artificial Intelligence (Springer), Vol. 4252, pp678-685, 2006

 

Talks

1.       Source Address Validation: from the Current Network Architecture to SDN based Architecture, Global Future Internet Summit (GFI13), Seoul, Korea, Nov. 20, 2013

2.       Source Address Validation Architecture (SAVA), Internet2 Spring 2012 Member Meeting, Arlington, USA, April 25, 2012

3.       The Challenges of SDN/OpenFlow in an Operational and Large-scale Network, the 2nd Open Networking Summit (ONS2012), Santa Clara, USA, April 17, 2012 (video) , for OpenFlow based  Source Address Validation

4.      OpenFlow+ for IPv6 Source Address Validation, Future Internet Testbed Workshop at the 33rd Asia-Pacific Advanced Network (APAN33), Chiang Mai, Thailand, Feb. 15, 2012

5.       Research Updates on Next Generation Internet, Tsinghua-Waseda Joint Workshop on Future Information Technologies, Beijing, China, Nov. 28, 2011

6.      Future Internet Research in China, AsiaFI 2011 Summer School, Daejeon, Korea, Aug. 9, 2011

7.      Future Internet related Research Activities in China, Future Internet Testbed Workshop at the 30th Asia-Pacific Advanced Network (APAN30), Hanoi, Vietnam, Aug. 11, 2010http://www.apan.net/meetings/Hanoi2010/Session/Slides/FutureInternet/3-1.pdf

8.      IPv6 Source Address Validation, China Telecom Training Center Meeting, Shanghai, China, April 13, 2010

9.      Future Internet: Short-term Deployment (IPv6), the 2nd Meeting of EU-CHINA Dialogue on Information & Communication Technologies Research, Brussels, Belgium, March 21, 2010 (as part of delegation of the PRC’s Ministry of Science and Technology

10.   New Generation Internet Research in China, Invited tutorial at Kyung Hee University (KHU), Suwon, Korea, Feb. 19, 2010

11.   SAVI-CPS and CERNET2 Deployment, the 10th Chinese American Networking Symposium (CANS2009), Beijing, China, Dec. 4, 2009

12.   China's FI Researches and Testbed, GLORIAD and Future Internet Research & Testbed Workshop, Seoul, Korea, June 19, 2009

13.   IPv6 Source Address Validation in CNGI-CERNET2, 2009全球IPv6下一代互联网高峰会议(Global IPv6 Summit 2009, Beijing, China, April 16, 2009

14.   IPv6 Source Address Validation, 第二届CNGI工程技术论坛暨移动互联网国际研讨会(2008 CNGI-ETF & International Mobile Internet Conference),Beijing, China, Dec. 19, 2008

15.   Security and Trust in the Future Internet, AsiaFI Workshop on Fundamental Issues of Future Internet, Qingdao, China, Oct. 26, 2008

16.   A Source Address Validation Architecture (SAVA) and IETF SAVI Working Group, the 9th Chinese American Networking Symposium (CANS2008), Indianapolis, USA, Oct. 20, 2008

17.   可信任下一代互联网及真实源地址验证技术(Trustworthy Next Generation Internet and Source Address Validation Technologies, 中国电信可信任网络研讨会(China Telecom Symposium on Trustworthy Network, Guiyang, China, Oct.14, 2008

18.   CNGI-CERNET2 IPv6 Testbed and SAVA, the 4th IEEE International Conference on Networked Computing and Advanced Information Management (NOM08), Gyeongju, Korea, Sep. 2, 2008 (Keynote Speech)

19.   IPv6 Source Address Validation and IETF Efforts, Future Internet Testbed Workshop at the 26th Asia-Pacific Advanced Network (APAN26), Queenstown, New Zealand, Aug. 6, 2008

20.   Source Address Spoofing and Prevention, the 3rd International Conference on Future Internet (CFI08), Seoul, Korea, June 18, 2008. (Invited Tutorial)

21.   IPv6 Source Address Validation Architecture and CERNET2 Experience, the 14th Advanced Network Workshop, Seoul, Korea, Nov. 1, 2007

22.   Source Address Validation Architecture (SAVA), the 8th Chinese American Networking Symposium (CANS2007), Xi’an, China, Aug. 26, 2007

23.   Source Address Validation Architecture (SAVA) and CERNET2 Experience, APRICOT2007, Bali, Indonesia, Feb, 26, 2007

24.   Ideas for Future Work on Source Address Verification, Internet Area Open Meeting at IETF67 meeting, San Diego, USA, Nov. 6, 2006

25.   SAVA: IPv6 Source Address Verification Architecture, the 2nd China-Korea Joint Workshop, Beijing, China, Aug. 29, 2006