Sciweavers

DSN
2006
IEEE

Secure Split Assignment Trajectory Sampling: A Malicious Router Detection System

14 years 6 months ago
Secure Split Assignment Trajectory Sampling: A Malicious Router Detection System
Routing infrastructure plays a vital role in the Internet, and attacks on routers can be damaging. Compromised routers can drop, modify, mis-forward or reorder valid packets. Existing proposals for secure forwarding require substantial computational overhead and additional capabilities at routers. We propose Secure Split Assignment Trajectory Sampling (SATS), a system that detects malicious routers on the data plane. SATS locates a set of suspicious routers when packets do not follow their predicted paths. It works with a traffic measurement platform using packet sampling, has low overhead on routers and is applicable to high-speed networks. Different subsets of packets are sampled over different groups of routers to ensure that an attacker cannot completely evade detection. Our evaluation shows that SATS can significantly limit a malicious router’s harm to a small portion of traffic in a network.
Sihyung Lee, Tina Wong, Hyong S. Kim
Added 11 Jun 2010
Updated 11 Jun 2010
Type Conference
Year 2006
Where DSN
Authors Sihyung Lee, Tina Wong, Hyong S. Kim
Comments (0)