Techniques for Detection of Malicious Packet Drops in Networks

The introduction of programmability and dynamic protocol deployment in routers, there would be an increase in the potential vulnerabilities and attacks . The next- generation Internet promises to provide a fundamental shift in the underlying architecture to support dynamic deployment of network protocols. In this thesis, we consider the problem of detecting malicious packet drops in routers. Specifically, we focus on an attack scenario, where a router selectively drops packets destined for another node. Detecting such an attack is challenging since it requires differentiating malicious packet drops from congestion-based packet losses. We propose a controller- based malicious packet detection technique that effectively detects malicious routers using delayed sampling technique and verification of the evidence. The verification involves periodically determining congestion losses in the network and comparing the forwarding behaviors of the adjoining routers to affirm the state of a router in the network. We provide a performance analysis of the detection accuracy and quantify the communication overhead of our system. Our results show that our technique provides accurate detection with low performance overhead

An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs

We study routing misbehavior in MANETs (Mobile Ad Hoc Networks) in this paper. In general, routing protocols for MANETs are designed based on the assumption that all participating nodes are fully cooperative. However, due to the open structure and scarcely available battery-based energy, node misbehaviors may exist. One such routing misbehavior is that some selfish nodes will participate in the route discovery and maintenance processes but refuse to forward data packets. In this paper, we propose the 2ACK scheme that serves as an add-on technique for routing schemes to detect routing misbehavior and to mitigate their adverse effect. The main idea of the 2ACK scheme is to send two-hop acknowledgment packets in the opposite direction of the routing path. In order to reduce additional routing overhead, only a fraction of the received data packets are acknowledged in the 2ACK scheme. Analytical and simulation results are presented to evaluate the performance of the proposed scheme

Routing-Verification-as-a-Service (RVaaS): Trustworthy Routing Despite Insecure Providers

Computer networks today typically do not provide any mechanisms to the users to learn, in a reliable manner, which paths have (and have not) been taken by their packets. Rather, it seems inevitable that as soon as a packet leaves the network card, the user is forced to trust the network provider to forward the packets as expected or agreed upon. This can be undesirable, especially in the light of today's trend toward more programmable networks: after a successful cyber attack on the network management system or Software-Defined Network (SDN) control plane, an adversary in principle has complete control over the network. This paper presents a low-cost and efficient solution to detect misbehaviors and ensure trustworthy routing over untrusted or insecure providers, in particular providers whose management system or control plane has been compromised (e.g., using a cyber attack). We propose Routing-Verification-as-a-Service (RVaaS): RVaaS offers clients a flexible interface to query information relevant to their traffic, while respecting the autonomy of the network provider. RVaaS leverages key features of OpenFlow-based SDNs to combine (passive and active) configuration monitoring, logical data plane verification and actual in-band tests, in a novel manner

Detecting Routing Misbehavior In Mobile Ad Hoc Network

Routing misbehavior in MANETs (Mobile Ad Hoc Networks) is studied in this thesis. In general, routing protocols for MANETs are designed based on the assumption that all par- ticipating nodes are fully cooperative. However, due to the open structure and scarcely available battery-based energy, node misbehaviors may exist. One such routing misbehavior is that some selfish nodes will participate in the route discovery and maintenance processes but refuse to forward data packets. Therefore, we propose the 2ACK scheme that serves as an add-on technique for routing schemes to detect routing misbehavior and to mitigate their adverse effect. The main idea of the 2ACK scheme is to send two-hop acknowledgment packets in the opposite direction of the routing path. In order to reduce additional routing overhead, only a fraction of the received data packets are acknowledged in the 2ACK scheme. Analytical and simulation results are presented to evaluate the performance of the proposed scheme

Detecting Routing Misbehavior In Mobile Ad Hoc Network

Routing misbehavior in MANETs (Mobile Ad Hoc Networks) is studied in this thesis. In general, routing protocols for MANETs are designed based on the assumption that all par- ticipating nodes are fully cooperative. However, due to the open structure and scarcely available battery-based energy, node misbehaviors may exist. One such routing misbehavior is that some selfish nodes will participate in the route discovery and maintenance processes but refuse to forward data packets. Therefore, we propose the 2ACK scheme that serves as an add-on technique for routing schemes to detect routing misbehavior and to mitigate their adverse effect. The main idea of the 2ACK scheme is to send two-hop acknowledgment packets in the opposite direction of the routing path. In order to reduce additional routing overhead, only a fraction of the received data packets are acknowledged in the 2ACK scheme. Analytical and simulation results are presented to evaluate the performance of the proposed scheme

Challenges on Missing Packet Detection or Packet Dropping Attacks in Mobile Adhoc Network -A Survey

Collection of wireless nodes forms together to communicate each other in the network without infrastructure less and any access point along with the characteristics of freedom in mobility is called Mobile Adhoc Network. Transmitting of packets from source to destination plays the vital role in MANET. When a Packet is not delivered properly at the destination , its affects the performance of the MANET.  Due to this characteristics of the mobility nodes can subject to falls on the packet missing also the various packets dropping security attacks take part in the dropping the packets while communication to achieve the decreasing the performance of the MANET. This article focus on the survey about the missing packet assembly as well the packet dropping security attacks in MANET

It bends but would it break?:topological analysis of BGP infrastructures in Europe

The Internet is often thought to be a model of resilience, due to a decentralised, organically-grown architecture. This paper puts this perception into perspective through the results of a security analysis of the Border Gateway Protocol (BGP) routing infrastructure. BGP is a fundamental Internet protocol and its intrinsic fragilities have been highlighted extensively in the literature. A seldom studied aspect is how robust the BGP infrastructure actually is as a result of nearly three decades of perpetual growth. Although global black-outs seem unlikely, local security events raise growing concerns on the robustness of the backbone. In order to better protect this critical infrastructure, it is crucial to understand its topology in the context of the weaknesses of BGP and to identify possible security scenarios. Firstly, we establish a comprehensive threat model that classifies main attack vectors, including but non limited to BGP vulnerabilities. We then construct maps of the European BGP backbone based on publicly available routing data. We analyse the topology of the backbone and establish several disruption scenarios that highlight the possible consequences of different types of attacks, for different attack capabilities. We also discuss existing mitigation and recovery strategies, and we propose improvements to enhance the robustness and resilience of the backbone. To our knowledge, this study is the first to combine a comprehensive threat analysis of BGP infrastructures withadvanced network topology considerations. We find that the BGP infrastructure is at higher risk than already understood, due to topologies that remain vulnerable to certain targeted attacks as a result of organic deployment over the years. Significant parts of the system are still uncharted territory, which warrants further investigation in this direction