{"title":"Securing QoS threats to RSVP messages and their countermeasures","authors":"Tsung-Li Wu, S.F. Wu, Z. Fu, He Huang, F. Gong","doi":"10.1109/IWQOS.1999.766479","DOIUrl":null,"url":null,"abstract":"In this paper, we study one type of DoQoNS (denial of quality of network service) attacks: attacks directly on the resource reservation and setup protocol. Particularly, we have studied and analyzed the RSVP protocol. Two contributions are: first, we performed a security analysis on RSVP which demonstrates the key vulnerabilities of its distributed resource reservation and setup process. Second, we proposed a new secure RSVP protocol, SDS/CD (selective digital signature with conflict detection), which combines the strength of attack prevention and intrusion detection. SDS/CD resolves a fundamental issue in network security: how to protect the integrity, in an end-to-end fashion, of a target object that is mutable along the route path. As a result, we will show that SDS/CD can deal with many insider attacks that can not be handled by the current IETF/RSVP security solution: hop-by-hop authentication.","PeriodicalId":435117,"journal":{"name":"1999 Seventh International Workshop on Quality of Service. IWQoS'99. (Cat. No.98EX354)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"25","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"1999 Seventh International Workshop on Quality of Service. IWQoS'99. (Cat. No.98EX354)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IWQOS.1999.766479","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 25
Abstract
In this paper, we study one type of DoQoNS (denial of quality of network service) attacks: attacks directly on the resource reservation and setup protocol. Particularly, we have studied and analyzed the RSVP protocol. Two contributions are: first, we performed a security analysis on RSVP which demonstrates the key vulnerabilities of its distributed resource reservation and setup process. Second, we proposed a new secure RSVP protocol, SDS/CD (selective digital signature with conflict detection), which combines the strength of attack prevention and intrusion detection. SDS/CD resolves a fundamental issue in network security: how to protect the integrity, in an end-to-end fashion, of a target object that is mutable along the route path. As a result, we will show that SDS/CD can deal with many insider attacks that can not be handled by the current IETF/RSVP security solution: hop-by-hop authentication.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
