Conversation Exchange Dynamics for Real-Time Network Monitoring and Anomaly Detection
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
An advanced signature system for OLSR
Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
Detecting and Isolating Malicious Routers
IEEE Transactions on Dependable and Secure Computing
How to avoid packet droppers with proactive routing protocols for ad hoc networks
International Journal of Network Management
Packet-dropping adversary identification for data plane security
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Resilience to dropping nodes in mobile ad hoc networks with link-state routing
NETWORKING'08 Proceedings of the 7th international IFIP-TC6 networking conference on AdHoc and sensor networks, wireless networks, next generation internet
Proactive resilience to dropping nodes in mobile ad hoc networks
AINTEC'06 Proceedings of the Second Asian international conference on Technologies for Advanced Heterogeneous Networks
| Hi-index | 0.00 |
The law of Conservation of Flow, which states that an input must either be absorbed or sent on as an output (possibly with modification), is an attractive tool with which to analyze network protocols for security properties. One of its uses is to detect disruptive network elements that launch Denial of Service attacks by absorbing or discarding packets. Its use requires several assumptions about the protocols being analyzed. In this paper, we examine the WATCHERS algorithm to detect misbehaving routers. We show that it uses Conservation of Flow without sufficient verification of its assumptions, and can consequently be defeated. We suggest improvements to make the use of Conservation of Flow valid.