DocumentCode :
2554659
Title :
Secure and Scalable Fault Localization under Dynamic Traffic Patterns
Author :
Xin Zhang ; Chang Lan ; Perrig, Adrian
fYear :
2012
fDate :
20-23 May 2012
Firstpage :
317
Lastpage :
331
Abstract :
Compromised and misconfigured routers are a well-known problem in ISP and enterprise networks. Data-plane fault localization (FL) aims to identify faulty links of compromised and misconfigured routers during packet forwarding, and is recognized as an effective means of achieving high network availability. Existing secure FL protocols are path-based, which assume that the source node knows the entire outgoing path that delivers the source node´s packets and that the path is static and long-lived. However, these assumptions are incompatible with the dynamic traffic patterns and agile load balancing commonly seen in modern networks. To cope with real-world routing dynamics, we propose the first secure neighborhood-based FL protocol, DynaFL, with no requirements on path durability or the source node knowing the outgoing paths. Through a core technique we named delayed key disclosure, DynaFL incurs little communication overhead and a small, constant router state independent of the network size or the number of flows traversing a router. In addition, each DynaFL router maintains only a single secret key, which based on our measurement results represents 2 - 4 orders of magnitude reduction over previous path-based FL protocols.
Keywords :
Internet; computer network reliability; computer network security; cryptographic protocols; fault location; resource allocation; routing protocols; telecommunication traffic; DynaFL; ISP; agile load balancing; dynamic traffic pattern; enterprise network; fault link; flow traversing; neighborhood-based FL protocol; network availability; packet forwarding; path-based FL protocol; routing dynamics; scalable fault localization; security; Load management; Routing; Routing protocols; Scalability; Security; Vectors;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Security and Privacy (SP), 2012 IEEE Symposium on
Conference_Location :
San Francisco, CA
ISSN :
1081-6011
Print_ISBN :
978-1-4673-1244-8
Electronic_ISBN :
1081-6011
Type :
conf
DOI :
10.1109/SP.2012.27
Filename :
6234421
Link To Document :
بازگشت