Secure traceroute to detect faulty or malicious routing
ACM SIGCOMM Computer Communication Review
Malicious packet dropping: how it might impact the TCP performance and how we can detect it
ICNP '00 Proceedings of the 2000 International Conference on Network Protocols
Securing the Internet routing infrastructure
IEEE Communications Magazine
Internet infrastructure security: a taxonomy
IEEE Network: The Magazine of Global Internetworking
On the enhanced hyper-hamiltonian laceability of hypercubes
CEA'09 Proceedings of the 3rd WSEAS international conference on Computer engineering and applications
| Hi-index | 0.00 |
Network infrastructure security concerns the protection of a network instead of the confidentiality and integrity of packet content. Most of the existing methods require the modifications of routers or require them to run background processes. These kinds of methods are less reliable because they rely on the cooperation of routers in the network to detect any malicious router in the same network. In this paper, we propose to protect the network infrastructure by running a set of detection routines in the boundary firewalls of the network infrastructure. These routines can detect various kinds of network attacks without the assistance of routers. The routines use the hop-by-hop technique to send a number of testing packets to the routers in the network one by one. By observing the packet responds, the routines are able to identify the attacks to a network infrastructure (if there is any), namely, packet drop, packet misroute, or routing loop.