SKWeak Attacks on Path Splicing: Vulnerability Assessment and Defense Mechanisms

Author

Guirguis, Emad ; Guirguis, Mina ; Page, Christopher

Author_Institution

Dept. of Comput. Sci., Texas State Univ.-San Marcos, San Marcos, TX, USA

fYear

2010

fDate

6-10 Dec. 2010

Firstpage

1

Lastpage

5

Abstract

Path splicing is a proposed routing architecture for the Internet in which end-hosts (and intermediate routers) are empowered to change the paths their traffic uses by modifying a number of bits in the packet headers. These bits allow intermediate routers to choose alternate paths from the shortest one. To that end, this paper exposes SKWeak (Selective K Weakest links) attacks that exploit the adaptive behavior of end-hosts, through attacking the K weakest links. We show that SKWeak attack can significantly increase the network overhead due to the use of non-optimal paths. Our results show a multiplicative factor of SKWeak attacks that are close to 700. We propose defense mechanisms that aim to limit the dynamics induced by preventing excessive splicing from end-hosts. Our assessment is conducted on the Sprint topology with synthetic traffic matrices.

Keywords

Internet; computer network security; telecommunication network routing; telecommunication network topology; telecommunication traffic; Internet; SKWeak attacks; Sprint topology; defense mechanisms; network overhead; nonoptimal paths; packet headers; path splicing; routing architecture; selective K weakest link attack; synthetic traffic matrices; vulnerability assessment; Convergence; Internet; Peer to peer computing; Routing; Splicing; Switches; Topology;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Telecommunications Conference (GLOBECOM 2010), 2010 IEEE

Conference_Location

Miami, FL

ISSN

1930-529X

Print_ISBN

978-1-4244-5636-9

Electronic_ISBN

1930-529X

Type

conf

DOI

10.1109/GLOCOM.2010.5683909

Filename

5683909