Title :
Evasive Internet: Reducing Internet Vulnerability through Transient Addressing
Author :
Rabinovich, Michael ; Spatscheck, Oliver
Author_Institution :
Case Western Reserve Univ., OH, USA
Abstract :
This paper presents our vision for Evasive Internet, where destinations are only reachable through capabilities, which serve as hosts´ flat transient addresses. Just as today´s host addresses, our capabilities are obtained from the DNS hierarchy, thus never exposing destinations themselves to unprotected traffic. Our design supports in-network authentication of transient addresses and attribution of traffic they generate; our design further gives hosts full control over incoming flows. We achieve these objectives without exposing hosts to unprotected capability request traffic and without distributed filtering infrastructure. While significant work is needed to flesh out our vision, we hope it will contribute to improving security in future networks.
Keywords :
Internet; security of data; DNS hierarchy; Internet vulnerability; evasive Internet; in-network authentication; transient addressing; Authentication; Authorization; Communication system traffic control; Communications Society; Information filtering; Information filters; Internet; Protection; Security; Web server;
Conference_Titel :
INFOCOM IEEE Conference on Computer Communications Workshops , 2010
Conference_Location :
San Diego, CA
Print_ISBN :
978-1-4244-6739-6
Electronic_ISBN :
978-1-4244-6739-6
DOI :
10.1109/INFCOMW.2010.5466668
