Detecting compromised routers via packet forwarding behavior

Files

Detecting compromised routers via packet forwarding behavior.pdf (109.6 KB)

Date

2008

Authors

Mizrak, A.T.
Savage, S.
Marzullo, K.

Editor(s)

Advisor

Supervisor

Co-Advisor

Co-Supervisor

Instructor

BUIR Usage Stats
2
views
24
downloads

Citation Stats

  • Share

Series

Abstract

While it is widely understood that criminal miscreants are subverting large numbers of Internet-connected computers (e.g., for bots, spyware, SPAM forwarding), it is less well appreciated that Internet routers are also being actively targeted and compromised. Indeed, due to its central role in end-to-end communication, a compromised router can be leveraged to empower a wide range of direct attacks including eavesdropping, man-in-the-middle subterfuge, and denial of service. In response, a range of specialized anomaly detection protocols has been proposed to detect misbehaving packet forwarding between routers. This article provides a general framework for understanding the design space of this work and reviews the capabilities of various detection protocols. © 2008 IEEE.

Source Title

IEEE Network

Publisher

Course

Other identifiers

Book Title

Keywords

Computer crime, Network protocols, Network security, Packet networks, Denial of service, Detection protocols, End-to-end communication, Packet forwarding, Routers

Degree Discipline

Degree Level

Degree Name

Citation

Permalink

http://hdl.handle.net/11693/23193

Published Version (Please cite this version)

http://dx.doi.org/10.1109/MNET.2008.4476069

Collections

Scholarly Publications - Computer Engineering

Language

English

Type

Article