论文信息 - Security issues in control, management and routing protocols

Security issues in control, management and routing protocols

The TCP/IP suite, the basis for today's Inter- net, lacks even the most basic mechanisms of authentication. As usage of the Internet increases, its scarcity of built-in se- curity becomes more and more problematic. This paper de- scribes serious attacks against IP control and management protocols with an accent on the ICMP protocol, as well as some of the well-known vulnerabilities of the inter-domain routing protocols. All the presented attacks have at least one common feature: they exploit intrinsic IP security flaws. The paper also discusses various solutions to these security breaches, including the use of IPsec, which currently offers cryptographic security services for the Internet infrastruc- ture.

[1] S. M. Bellovin,et al. Security problems in the TCP/IP protocol suite , 1989, CCRV.

[2] William Allen Simpson,et al. ICMP Domain Name Messages , 1995, RFC.

[3] Robert T. Braden,et al. Requirements for Internet Hosts - Communication Layers , 1989, RFC.

[4] Gene Tsudik,et al. Lowering security overhead in link state routing , 1999, Comput. Networks.

[5] Dan Harkins,et al. The Internet Key Exchange (IKE) , 1998, RFC.

[6] Stephen E. Deering,et al. ICMP Router Discovery Messages , 1991, RFC.

[7] Randall J. Atkinson,et al. Security Architecture for the Internet Protocol , 1995, RFC.

[8] Paul Ferguson,et al. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.

[9] William C. Fenner. Internet Group Management Protocol, Version 2 , 1997, RFC.

[10] Fred Baker,et al. RIP-2 MD5 Authentication , 1997, RFC.

[11] Radia J. Perlman,et al. Network layer protocols with Byzantine robustness , 1988 .

[12] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[13] John Moy,et al. OSPF Version 2 , 1998, RFC.

[14] Stephen Deering,et al. Internet group management protocol , 1996 .

[15] Jon Postel,et al. Internet Control Message Protocol , 1981, RFC.