Fundamentals of computer security technology
Fundamentals of computer security technology
Approximating Fractional Multicommodity Flow Independent of the Number of Commodities
SIAM Journal on Discrete Mathematics
Computing vertex connectivity: new bounds from old techniques
FOCS '96 Proceedings of the 37th Annual Symposium on Foundations of Computer Science
IPSec VPN Design
Light-weight End-to-End QoS as DoS Prevention
LCN '07 Proceedings of the 32nd IEEE Conference on Local Computer Networks
Resilient network admission control
Computer Networks: The International Journal of Computer and Telecommunications Networking
Distributed Automatic Configuration of Complex IPsec-Infrastructures
Journal of Network and Systems Management
A survey on automatic configuration of virtual private networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
By monitoring the exchanged IPsec traffic an adversary can usually easily discover the layout of virtual private networks (VPNs). Of even worse extend is the disclosure if compromised IPsec gateways are considered, for example in remote environments. This revelation enables attackers to identify vital components and may allow him to compromise the availability of the overall infrastructure by launching well-targeted denial-of-service (DoS) attacks against them. In this article we present a formal model to analyze the resilience of VPN infrastructures against DoS attacks, to estimate the impact of compromised gateways, and to formalize the planning process of more resilient infrastructures.