Title :
Securing QoS threats to RSVP messages and their countermeasures
Author :
Tsung-Li Wu ; Wu, S. Felix ; Fu, Zhi ; Huang, He ; Gong, Fengmin
Author_Institution :
Dept. of ECE, North Carolina State Univ., Raleigh, NC, USA
Abstract :
In this paper, we study one type of DoQoNS (denial of quality of network service) attacks: attacks directly on the resource reservation and setup protocol. Particularly, we have studied and analyzed the RSVP protocol. Two contributions are: first, we performed a security analysis on RSVP which demonstrates the key vulnerabilities of its distributed resource reservation and setup process. Second, we proposed a new secure RSVP protocol, SDS/CD (selective digital signature with conflict detection), which combines the strength of attack prevention and intrusion detection. SDS/CD resolves a fundamental issue in network security: how to protect the integrity, in an end-to-end fashion, of a target object that is mutable along the route path. As a result, we will show that SDS/CD can deal with many insider attacks that can not be handled by the current IETF/RSVP security solution: hop-by-hop authentication
Keywords :
protocols; quality of service; telecommunication security; QoS; RSVP messages; SDS/CD; attack prevention; countermeasures; denial of quality of network service; end-to-end fashion; intrusion detection; network security; resource reservation and setup protocol; selective digital signature with conflict detection; Authentication; Degradation; Digital signatures; Intrusion detection; Performance analysis; Protection; Protocols; Quality of service; Security; Unicast;
Conference_Titel :
Quality of Service, 1999. IWQoS '99. 1999 Seventh International Workshop on
Conference_Location :
London
Print_ISBN :
0-7803-5671-3
DOI :
10.1109/IWQOS.1999.766479
