Efficient Random Route Mutation considering flow and network constraints
CNS(2013)
Abstract
In the current network protocol infrastructure, forwarding routes are mostly static except in case of failures or performance issues. However, static route selection offers a significant advantage for adversaries to eavesdrop on, or launch DoS attacks against, certain network flows. Previous works on multipath routing in wireless networks propose using random forwarding to avoid jamming and blackhole attacks [18]. However, this work is far from being practical for wired networks because of many topological and QoS constraints. Moreover, the potential of finding a significant number of disjoint paths in wired networks is extremely low, which consequently decreases the value of RRM. In this paper we present a proactive Random Route Mutation (RRM) technique that enables randomly changing the routes of multiple flows in a network simultaneously to defend against reconnaissance, eavesdropping and DoS attacks, while preserving end-to-end QoS properties. Our contributions in this paper are three-fold: (1) modeling RRM as a constraint satisfaction problem using Satisfiability Modulo Theories (SMT) to identify efficient practical route mutations, (2) proposing a new overlay placement technique that can maximize the effectiveness of RRM in virtualized networks, and (3) developing analytical and experimental models to measure the effectiveness of RRM under different adversary models and network parameters. We develop a prototype RRM implementation in Software Defined Networks (SDNs). Our analysis, simulation and preliminary implementation show that RRM can protect at least 90% of the packet flow from being attacked by realistic attackers, as compared with static routes. Our evaluation study also shows that RRM can be efficiently deployed on both conventional networks and SDNs without causing any significant disruption for active flows.
Keywords
wired network,multipath routing,qos constraint,network constraints,network protocol infrastructure,constraint satisfaction problem,static route selection,software defined network,quality of service,dos attack,wireless network,computer network security,network flow,computability,random forwarding,rrm technique,random route mutation technique,software radio,telecommunication network routing,satisfiability modulo theory