TY - GEN
T1 - A poisoning-resilient TCP stack
AU - Mondal, Amit
AU - Kuzmanovic, Aleksandar
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2007
Y1 - 2007
N2 - We treat the problem of large-scale TCP poisoning: an attacker who is able to monitor TCP packet headers in the network can deny service to all flows traversing the monitoring point simply by injecting a single spoofed data or control packet into each flow. One of the entities responsible for this severe vulnerability is certainly the TCP protocol itself: it behaves as a "dummy" state machine that can all too easily be desynchronized by an attacker. In this paper, we explore ways of upgrading TCP endpoints into viable DoS-resilient protocol entities capable of mitigating large-scale poisoning attacks. We show, by means of analytical modeling, simulations, and Internet experiments, how small upgrades implemented by the endpoints can dramatically improve resilience to such attacks. The key mechanisms unique to our approach are (i) deferred protocol reaction, used to accurately detect poisoning attacks; (ii) forward nonces, applied to distinguish among different traffic sources during an attack; and (iii) self-clocking-based correlation, used to identify legitimate packet streams. Our solution relies solely on the protocol design; it is incrementally deployable and TCP-friendly.
AB - We treat the problem of large-scale TCP poisoning: an attacker who is able to monitor TCP packet headers in the network can deny service to all flows traversing the monitoring point simply by injecting a single spoofed data or control packet into each flow. One of the entities responsible for this severe vulnerability is certainly the TCP protocol itself: it behaves as a "dummy" state machine that can all too easily be desynchronized by an attacker. In this paper, we explore ways of upgrading TCP endpoints into viable DoS-resilient protocol entities capable of mitigating large-scale poisoning attacks. We show, by means of analytical modeling, simulations, and Internet experiments, how small upgrades implemented by the endpoints can dramatically improve resilience to such attacks. The key mechanisms unique to our approach are (i) deferred protocol reaction, used to accurately detect poisoning attacks; (ii) forward nonces, applied to distinguish among different traffic sources during an attack; and (iii) self-clocking-based correlation, used to identify legitimate packet streams. Our solution relies solely on the protocol design; it is incrementally deployable and TCP-friendly.
UR - http://www.scopus.com/inward/record.url?scp=48349144254&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=48349144254&partnerID=8YFLogxK
U2 - 10.1109/ICNP.2007.4375848
DO - 10.1109/ICNP.2007.4375848
M3 - Conference contribution
AN - SCOPUS:48349144254
SN - 1424415888
SN - 9781424415885
T3 - Proceedings - International Conference on Network Protocols, ICNP
SP - 174
EP - 183
BT - Proceedings - 15th IEEE International Conference on Network Protocols, ICNP 2007
T2 - 15th IEEE International Conference on Network Protocols, ICNP 2007
Y2 - 16 October 2007 through 19 October 2007
ER -
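The following is an added illustration of the attack class the abstract describes and of the "deferred protocol reaction" idea in its simplest form; it is constructed for this record and is not the paper's code or its exact algorithm. It models a receiver that, after an in-window RST, keeps the connection up for a short grace period and treats continued in-order data from the peer (the stream resuming exactly at rcv_nxt) as evidence that the RST was spoofed. The class names, the tick-based idle timer, the `defer_ticks` value, the window size and the sample byte stream are all assumptions; forward nonces and the handling of spoofed data segments are not modelled.

```python
"""Constructed illustration of on-path TCP poisoning with a single spoofed RST
and of a deferred-reaction receiver. Not the paper's code or exact mechanism;
window, timer and sequence values are arbitrary."""
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Segment:
    seq: int
    flags: str          # "A" = ACK (possibly carrying data), "R" = RST
    payload: bytes = b""


class NaiveReceiver:
    """The 'dummy' state machine: any RST whose sequence number falls in the
    receive window tears the connection down at once, whoever sent it."""

    def __init__(self, rcv_nxt: int = 1000, rcv_wnd: int = 65535) -> None:
        self.rcv_nxt = rcv_nxt
        self.rcv_wnd = rcv_wnd
        self.state = "ESTABLISHED"
        self.received = b""

    def in_window(self, seq: int) -> bool:
        return self.rcv_nxt <= seq < self.rcv_nxt + self.rcv_wnd

    def deliver(self, seg: Segment) -> None:
        if self.state == "CLOSED":
            return
        if "R" in seg.flags:
            if self.in_window(seg.seq):
                self.state = "CLOSED"
            return
        if seg.seq == self.rcv_nxt:          # in-order data: accept and advance
            self.received += seg.payload
            self.rcv_nxt += len(seg.payload)

    def tick(self) -> None:
        """Idle-timer hook; the naive receiver has nothing deferred."""


class DeferredReceiver(NaiveReceiver):
    """Assumed deferred-reaction policy (an illustration, not the paper's
    algorithm): an in-window RST is parked instead of acted upon. If the peer
    then keeps sending in-order data at rcv_nxt, the RST cannot have come from
    it and is discarded as poisoning; if the flow stays silent for
    defer_ticks idle timer expiries, the RST is honoured."""

    def __init__(self, defer_ticks: int = 2, **kw) -> None:
        super().__init__(**kw)
        self.defer_ticks = defer_ticks
        self.pending_rst: Optional[int] = None
        self.idle_ticks = 0
        self.poisoning_detected = False

    def deliver(self, seg: Segment) -> None:
        if self.state == "CLOSED":
            return
        if "R" in seg.flags:
            if self.in_window(seg.seq) and self.pending_rst is None:
                self.pending_rst = seg.seq
                self.idle_ticks = 0
            return
        if seg.seq == self.rcv_nxt:
            self.received += seg.payload
            self.rcv_nxt += len(seg.payload)
            if self.pending_rst is not None:
                # Stream resumed exactly at rcv_nxt after the RST: the sender of
                # the data is still alive, so the RST was not the peer's.
                self.pending_rst = None
                self.poisoning_detected = True

    def tick(self) -> None:
        if self.pending_rst is None:
            return
        self.idle_ticks += 1
        if self.idle_ticks >= self.defer_ticks:
            self.state = "CLOSED"


def stream(start_seq: int, chunks: List[bytes]) -> List[Segment]:
    """Constructed in-order data stream from the legitimate peer."""
    segs, seq = [], start_seq
    for chunk in chunks:
        segs.append(Segment(seq, "A", chunk))
        seq += len(chunk)
    return segs


def run(receiver: NaiveReceiver, trace: List[Segment], idle_ticks_after: int = 3):
    for seg in trace:
        receiver.deliver(seg)
    for _ in range(idle_ticks_after):   # flow goes quiet; idle timer fires
        receiver.tick()
    return receiver


def poisoning_scenario():
    """On-path attacker who saw the headers injects one RST at the exact
    rcv_nxt after the second legitimate segment; the peer keeps sending."""
    legit = stream(1000, [b"GET /", b"index", b".html", b"\r\n\r\n"])
    spoofed_rst = Segment(seq=legit[2].seq, flags="R")
    trace = legit[:2] + [spoofed_rst] + legit[2:]
    return run(NaiveReceiver(), trace), run(DeferredReceiver(), trace)


def legitimate_reset_scenario():
    """The peer really resets and then falls silent."""
    legit = stream(1000, [b"GET /", b"index"])
    trace = legit + [Segment(seq=1010, flags="R")]
    return run(NaiveReceiver(), trace), run(DeferredReceiver(), trace)
```

In the poisoning scenario the naive receiver closes after `b"GET /index"` and loses the rest of the request, while the deferred receiver delivers the whole request and flags the RST; in the legitimate-reset scenario both end up closed, the deferred one only after the grace period. The toy omits what makes the real problem hard: the attacker can also inject in-window data segments, and deferring a reset changes standard TCP semantics, which is why the paper evaluates TCP-friendliness and deployability rather than assuming them.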