Return to search

Techniques for Detection of Malicious Packet Drops in Networks

The introduction of programmability and dynamic protocol deployment in routers, there would be an increase in the potential vulnerabilities and attacks . The next- generation Internet promises to provide a fundamental shift in the underlying architecture to support dynamic deployment of network protocols. In this thesis, we consider the problem of detecting malicious packet drops in routers. Specifically, we focus on an attack scenario, where a router selectively drops packets destined for another node. Detecting such an attack is challenging since it requires differentiating malicious packet drops from congestion-based packet losses. We propose a controller- based malicious packet detection technique that effectively detects malicious routers using delayed sampling technique and verification of the evidence. The verification involves periodically determining congestion losses in the network and comparing the forwarding behaviors of the adjoining routers to affirm the state of a router in the network. We provide a performance analysis of the detection accuracy and quantify the communication overhead of our system. Our results show that our technique provides accurate detection with low performance overhead.

Identiferoai:union.ndltd.org:UMASS/oai:scholarworks.umass.edu:theses-2026
Date01 January 2012
CreatorsDesai, Vikram R
PublisherScholarWorks@UMass Amherst
Source SetsUniversity of Massachusetts, Amherst
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceMasters Theses 1911 - February 2014

Page generated in 0.0013 seconds