Internetworking with TCP/IP: principles, protocols, and architecture
Internetworking with TCP/IP: principles, protocols, and architecture
TCP/IP illustrated (vol. 1): the protocols
TCP/IP illustrated (vol. 1): the protocols
Elements of network protocol design
Elements of network protocol design
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Internet security attacks at the basic levels
ACM SIGOPS Operating Systems Review
Digital signature protection of the OSPF routing protocol
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Securing Distance-Vector Routing Protocols
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Hop integrity in computer networks
ICNP '00 Proceedings of the 2000 International Conference on Network Protocols
An efficient message authentication scheme for link state routing
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
A Simple active attack against TCP
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
TinySec: a link layer security architecture for wireless sensor networks
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
Tabu Marking Scheme for IP Traceback
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
IP Easy-pass: a light-weight network-edge resource access control
IEEE/ACM Transactions on Networking (TON)
Tabu marking scheme to speedup IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
LIPS: a lightweight permit system for packet source origin accountability
Computer Networks: The International Journal of Computer and Telecommunications Networking
ALPHA: an adaptive and lightweight protocol for hop-by-hop authentication
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Hi-index | 0.00 |
A computer network is said to provide hop integrity iff when any router p in the network receives a message m supposedly from an adjacent router q, then p can check that m was indeed sent by q, was not modified after it was sent, and was not a replay of an old message sent from q to p. In this paper, we describe three protocols that can be added to the routers in a computer network so that the network can provide hop integrity, and thus overcome most denial-of-service attacks. These three protocols are a secret exchange protocol, a weak integrity protocol, and a strong integrity protocol. All three protocols are stateless, require small overhead, and do not constrain the network protocol in the routers in any way.