Secure traceroute to detect faulty or malicious routing

Network routing is vulnerable to disruptions caused by malfunctioning or malicious routers that draw traffic towards themselves but fail to correctly forward the traffic. The existing approach to addressing this problem is to secure the routing protocol by having it validate routing updates, i.e., verify their authenticity, accuracy, and/or consistency. In this paper, we argue that it is also important to ensure the robustness of packet forwarding itself. To this end, we propose a different approach, the central idea of which is a secure traceroute protocol that enables end hosts or routers to detect and locate the source of (arbitrarily severe) routing misbehaviors, so that appropriate action can be taken.

[1]  Radia Perlman,et al.  Interconnections: Bridges, Routers, Switches, and Internetworking Protocols , 1999 .

[2]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[3]  Mischa Schwartz,et al.  ACM SIGCOMM computer communication review , 2001, CCRV.

[4]  Anna R. Karlin,et al.  Practical network support for IP traceback , 2000, SIGCOMM.

[5]  Gene Tsudik,et al.  Towards an Analysis of Onion Routing Security , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[6]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[7]  Radia J. Perlman,et al.  Network layer protocols with Byzantine robustness , 1988 .

[8]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[9]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[10]  Jean-Pierre Hubaux,et al.  The quest for security in mobile ad hoc networks , 2001, MobiHoc '01.

[11]  Ari Juels,et al.  Client puzzles: A cryptographic defense against connection depletion , 1999 .

[12]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[13]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[14]  J.J. Garcia-Luna-Aceves,et al.  Securing the border gateway routing protocol , 1996, Proceedings of GLOBECOM'96. 1996 IEEE Global Telecommunications Conference.

[15]  Butler W. Lampson,et al.  SPKI Certificate Theory , 1999, RFC.

[16]  Charles Lynn,et al.  Secure Border Gateway Protocol (Secure-BGP) , 2000 .

[17]  Radia Perlman Interconnections: Bridges and Routers , 1992 .

[18]  Yih-Chun Hu,et al.  SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[19]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .