Increasing Communications Security through Protocol Parameter Diversity

Tipo de publicación: Conference Paper

Publicado en: Proceedings of the 32nd Latin-American Conference on Informatics

Autores
  • Barrantes, E
  • Forrest, Stephanie

Investigadores del CITIC asociados a la publicación
E. Gabriela Barrantes Sliesarieva

Proyecto asociado a la publicación
Proyecto sombrilla

Palabras claves
  • diversity defenses
  • networks
  • pulsing attacks
  • Security
Resumen

Pulsing attacks use carefully synchronized high-rate low-duration bursts of traffic that are injected into a network to induce denial-of-service. These attacks are effective because the bursts force protocols into low-performance states. The synchronization relies on the fact that most computers run protocols with identical parameter values. The use of diverse parameter value could make the attacks much less likely to succeed. This paper describes how parameters in TCP protocol implementations can be automatically diversified, introduces several evaluation metrics, and assesses the efficacy of this defense using Kuzmanovic’s shrew pulsing attack. The experiments show that in a diversified environment under attack, some hosts can obtain near normal throughput, while average network throughput is improved for most (but not all) attack scenarios. Heterogeneity of parameter values among hosts is key to the defense.

BIBTEXT

Datos bibliográficos
Cita bibliográfica
Increasing communications security through protocol parameter diversity