Title :
Effects of mobility and multihoming on transport-protocol security
Author :
Aura, Tuomas ; Nikander, Pekka ; Camarillo, Gonzalo
Author_Institution :
Microsoft Res., Cambridge, UK
Abstract :
The Stream Control Transmission Protocol (SCTP) is a reliable message-based transport protocol developed by the IETF that could replace TCP in some applications. SCTP allows endpoints to have multiple IP addresses for the purposes of fault tolerance. There is on-going work to extend the SCTP multihoming functions to support dynamic addressing and endpoint mobility. This paper explains how the multihoming and mobility features can be exploited for denial-of-service attacks, connection hijacking, and packet flooding. We propose implementation guidelines for SCTP and changes to the mobility extensions that prevent most of the attacks. The same lessons apply to multihomed TCP variants and other transport-layer protocols that incorporate some flavor of dynamic addressing.
Keywords :
IP networks; Internet; computer crime; message passing; mobile computing; telecommunication security; transport protocols; IP addresses; SCTP mobility; SCTP multihoming; Stream Control Transmission Protocol; connection hijacking; denial-of-service attacks; dynamic addressing; endpoint mobility; fault tolerance; message-based transport protocol; packet flooding; transport layer protocols; transport protocol security; Access protocols; Computer crime; Data security; Fault tolerance; Guidelines; Internet; Mobile communication; Proposals; TCPIP; Transport protocols;
Conference_Titel :
Security and Privacy, 2004. Proceedings. 2004 IEEE Symposium on
Print_ISBN :
0-7695-2136-3
DOI :
10.1109/SECPRI.2004.1301312
