The way in which addressing and forwarding are implemented in the Internet
constitutes one of its biggest privacy and security challenges. The fact that
source addresses in Internet datagrams cannot be trusted makes the IP Internet
inherently vulnerable to DoS and DDoS attacks. The Internet forwarding plane is
open to attacks to the privacy of datagram sources, because source addresses in
Internet datagrams have global scope. The fact an Internet datagrams are
forwarded based solely on the destination addresses stated in datagram headers
and the next hops stored in the forwarding information bases (FIB) of relaying
routers allows Internet datagrams to traverse loops, which wastes resources and
leaves the Internet open to further attacks. We introduce PEAR (Provenance
Enforcement through Addressing and Routing), a new approach for addressing and
forwarding of Internet datagrams that enables anonymous forwarding of Internet
datagrams, eliminates many of the existing DDoS attacks on the IP Internet, and
prevents Internet datagrams from looping, even in the presence of routing-table
loops.Comment: Proceedings of IEEE Globecom 2016, 4-8 December 2016, Washington,
D.C., US
