3,450 research outputs found
How to Specify and How to Prove Correctness of Secure Routing Protocols for MANET
Secure routing protocols for mobile ad hoc networks have been developed
recently, yet, it has been unclear what are the properties they achieve, as a
formal analysis of these protocols is mostly lacking. In this paper, we are
concerned with this problem, how to specify and how to prove the correctness of
a secure routing protocol. We provide a definition of what a protocol is
expected to achieve independently of its functionality, as well as
communication and adversary models. This way, we enable formal reasoning on the
correctness of secure routing protocols. We demonstrate this by analyzing two
protocols from the literature
Planning and verification of multipath routing protocols
Conventionally the problem of the best path in a network refers to the shortest path problem.
However, for the vast majority of networks present nowadays this solution has some limitations which directly affect their proper functioning, as well as an inefficient use of their potentialities.
Problems at the level of large networks where graphs of high complexity are commonly present as well as the appearing of new services and their respective requirements, are intrinsically related to the inability of this solution. In order to overcome the needs present in these networks, a new approach to the problem of the best path must be explored. One solution that has aroused more interest in the scientific community considers the use of multiple paths
between two network nodes, where they can all now be considered as the best path between those nodes. Therefore, the routing will be discontinued only by minimizing one metric, where only one path between nodes is chosen, and shall be made by the selection of one of many paths, thereby allowing the use of a greater diversity of the present paths (obviously, if the network consents).
The establishment of multi-path routing in a given network has several advantages for its
operation. Its use may well improve the distribution of network traffic, improve recovery time to failure, or it can still offer a greater control of the network by its administrator. These factors still
have greater relevance when networks have large dimensions, as well as when their
constitution is of high complexity, such as the Internet, where multiple networks managed by different entities are interconnected. A large part of the growing need to use multipath protocols is associated to the routing made based on policies. Therefore, paths with different
characteristics can be considered with equal level of preference, and thus be part of the solution for the best way problem.
To perform multi-path routing using protocols based only on the destination address has some limitations but it is possible. Concepts of graph theory of algebraic structures can be used to describe how the routes are calculated and classified, enabling to model the routing problem.
This thesis studies and analyzes multi-path routing protocols from the known literature and derives a new algebraic condition which allows the correct operation of these protocols without any network restriction. It also develops a range of software tools that allows the planning and the respective verification/validation of new protocols models according to the study made
TARANET: Traffic-Analysis Resistant Anonymity at the NETwork layer
Modern low-latency anonymity systems, no matter whether constructed as an
overlay or implemented at the network layer, offer limited security guarantees
against traffic analysis. On the other hand, high-latency anonymity systems
offer strong security guarantees at the cost of computational overhead and long
delays, which are excessive for interactive applications. We propose TARANET,
an anonymity system that implements protection against traffic analysis at the
network layer, and limits the incurred latency and overhead. In TARANET's setup
phase, traffic analysis is thwarted by mixing. In the data transmission phase,
end hosts and ASes coordinate to shape traffic into constant-rate transmission
using packet splitting. Our prototype implementation shows that TARANET can
forward anonymous traffic at over 50~Gbps using commodity hardware
A mechanized proof of loop freedom of the (untimed) AODV routing protocol
The Ad hoc On-demand Distance Vector (AODV) routing protocol allows the nodes
in a Mobile Ad hoc Network (MANET) or a Wireless Mesh Network (WMN) to know
where to forward data packets. Such a protocol is 'loop free' if it never leads
to routing decisions that forward packets in circles. This paper describes the
mechanization of an existing pen-and-paper proof of loop freedom of AODV in the
interactive theorem prover Isabelle/HOL. The mechanization relies on a novel
compositional approach for lifting invariants to networks of nodes. We exploit
the mechanization to analyse several improvements of AODV and show that
Isabelle/HOL can re-establish most proof obligations automatically and identify
exactly the steps that are no longer valid.Comment: The Isabelle/HOL source files, and a full proof document, are
available in the Archive of Formal Proofs, at
http://afp.sourceforge.net/entries/AODV.shtm
Routing Regardless of Network Stability
We examine the effectiveness of packet routing in this model for the broad
class next-hop preferences with filtering. Here each node v has a filtering
list D(v) consisting of nodes it does not want its packets to route through.
Acceptable paths (those that avoid nodes in the filtering list) are ranked
according to the next-hop, that is, the neighbour of v that the path begins
with. On the negative side, we present a strong inapproximability result. For
filtering lists of cardinality at most one, given a network in which an
equilibrium is guaranteed to exist, it is NP-hard to approximate the maximum
number of packets that can be routed to within a factor of O(n^{1-\epsilon}),
for any constant \epsilon >0. On the positive side, we give algorithms to show
that in two fundamental cases every packet will eventually route with
probability one. The first case is when each node's filtering list contains
only itself, that is, D(v)={v}. Moreover, with positive probability every
packet will be routed before the control plane reaches an equilibrium. The
second case is when all the filtering lists are empty, that is,
. Thus, with probability one packets will route even
when the nodes don't care if their packets cycle! Furthermore, with probability
one every packet will route even when the control plane has em no equilibrium
at all.Comment: ESA 201
HORNET: High-speed Onion Routing at the Network Layer
We present HORNET, a system that enables high-speed end-to-end anonymous
channels by leveraging next generation network architectures. HORNET is
designed as a low-latency onion routing system that operates at the network
layer thus enabling a wide range of applications. Our system uses only
symmetric cryptography for data forwarding yet requires no per-flow state on
intermediate nodes. This design enables HORNET nodes to process anonymous
traffic at over 93 Gb/s. HORNET can also scale as required, adding minimal
processing overhead per additional anonymous channel. We discuss design and
implementation details, as well as a performance and security evaluation.Comment: 14 pages, 5 figure
Multipath policy routing in packet switched networks
Dissertação apresentada para obtenção do Grau de Mestre em Engenharia Electrotécnica e de Computadores, pela Universidade Nova de Lisboa, Faculdade de Ciências e TecnologiaNowadays, the continuous operations of large networks, under multiple ownerships, are of
tremendous importance and as a result, routing protocols have gained numerous extensions and accumulated complexity. Policy-based routing can be of signi cance for common networks when the cost of transporting a bit is no longer the biggest pressure point.
The best path problem is a generalization of the shortest path problem that suits policy
based routing. This means that preferences for the paths depend on semantically rich characteristics, in which two di erent paths may have the same preference. However, current policy-based routing models cannot take full advantage of the multiplicity of connections to a given destination and are single path in nature. Therefore multipath can bring several advantages in policy based routing.
Designing multipath routing protocols based on policies seem to be a problem of interest.
To model routing problems, algebraic structures and graph theory are used. Through
variants of classical methods of linear algebra routing problems can be solved.
The objective of this dissertation is to devise a multipath policy-based routing protocol using a simple destination-based hop-by-hop protocol with independent forwarding decisions.
Networks featuring these characteristics can be more resilient to failures, provide
better tra c distribution and maintain a simple forwarding paradigm. The dissertation
concludes with the trade-o 's between the
exibility of the proposed solution, the amount of multiple paths that can be used simultaneously and the network restrictions that must be applied
An Adaptive Policy Management Approach to BGP Convergence
The Border Gateway Protocol (BGP) is the current inter-domain routing protocol used to exchange reachability information between Autonomous Systems (ASes) in the Internet. BGP supports policy-based routing which allows each AS to independently adopt a set of local policies that specify which routes it accepts and advertises from/to other networks, as well as which route it prefers when more than one route becomes available. However, independently chosen local policies may cause global conflicts, which result in protocol divergence. In this paper, we propose a new algorithm, called Adaptive Policy Management Scheme (APMS), to resolve policy conflicts in a distributed manner. Akin to distributed feedback control systems, each AS independently classifies the state of the network as either conflict-free or potentially-conflicting by observing its local history only (namely, route flaps). Based on the degree of measured conflicts (policy conflict-avoidance vs. -control mode), each AS dynamically adjusts its own path preferences—increasing its preference for observably stable paths over flapping paths. APMS also includes a mechanism to distinguish route flaps due to topology changes, so as not to confuse them with those due to policy conflicts. A correctness and convergence analysis of APMS based on the substability property of chosen paths is presented. Implementation in the SSF network simulator is performed, and simulation results for different performance metrics are presented. The metrics capture the dynamic performance (in terms of instantaneous throughput, delay, routing load, etc.) of APMS and other competing solutions, thus exposing the often neglected aspects of performance.National Science Foundation (ANI-0095988, EIA-0202067, ITR ANI-0205294
- …