Securing data through avoidance routing

As threats on the Internet become increasingly sophisticated, we now recognize the value in controlling the routing of data in a manner that ensures security. However, few technical means for achieving this goal exist. In this paper we propose and design a system that allows users to specify regions of the Internet they wish their data to avoid. Using our system, data will either arrive at the destination along a path that avoids the specified regions, or no avoiding path exists. Beyond the design, we discuss the deployment, performance and security issues of this system, along with alternative approaches that could be used.

[1]  Hanoch Levy,et al.  Area Avoidance Routing in Distance-Vector Networks , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[2]  Neelima Gupta,et al.  Minimum Exposed Path to the Attack (MEPA) in Mobile Ad Hoc Network (MANET) , 2007, Sixth International Conference on Networking (ICN'07).

[3]  Heejo Lee,et al.  BASE: an incrementally deployable mechanism for viable IP spoofing prevention , 2007, ASIACCS '07.

[4]  Hui Zhang,et al.  A case for end system multicast (keynote address) , 2000, SIGMETRICS '00.

[5]  Hans-Werner Braun,et al.  Models of policy based routing , 1989, RFC.

[6]  Hanoch Levy,et al.  Navigation in Distance Vector Spaces and Its Use for Node Avoidance Routing , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[7]  Loay Abusalah,et al.  TARP: trust-aware routing protocol , 2006, IWCMC '06.

[8]  Christian Scheideler,et al.  Towards Scalable and Robust Overlay Networks , 2007, IPTPS.

[9]  Ivan Stojmenovic,et al.  Depth first search and location based localized routing and QoS routing in wireless networks , 2000, Proceedings 2000 International Conference on Parallel Processing.

[10]  David A. Maltz,et al.  The Dynamic Source Routing Protocol (DSR) for Mobile Ad Hoc Networks for IPv4 , 2007, RFC.

[11]  Jun Li,et al.  Resilient self-organizing overlay networks for security update delivery , 2004, IEEE Journal on Selected Areas in Communications.

[12]  Charles Lynn,et al.  Secure Border Gateway Protocol (Secure-BGP) , 2000 .

[13]  Lixia Zhang,et al.  The (In)Completeness of the Observed Internet AS-level Structure , 2010, IEEE/ACM Transactions on Networking.

[14]  Theodore W. Hong,et al.  Not for distribution or attribution : for review purposes only . Protecting Freedom of Information Online with Freenet , 2007 .

[15]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[16]  Minglu Li,et al.  Secure enhancement scheme for routing protocol in mobile ad hoc networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[17]  Srinivasan Seshan,et al.  A case for end system multicast , 2002, IEEE J. Sel. Areas Commun..

[18]  Harry D. Raduege,et al.  Securing Cyberspace for the 44th Presidency , 2008 .

[19]  Liwen He A Novel Scheme on Building a Trusted IP Routing Infrastructure , 2006, International conference on Networking and Services (ICNS'06).

[20]  Peter Gutmann,et al.  Lessons Learned in Implementing and Deploying Crypto Software , 2002, USENIX Security Symposium.

[21]  R. Kent Secrets and lies. , 2007, Nursing standard (Royal College of Nursing (Great Britain) : 1987).

[22]  Scott Shenker,et al.  Making gnutella-like P2P systems scalable , 2003, SIGCOMM '03.

[23]  Ian Clarke,et al.  Protecting Free Expression Online with Freenet , 2002, IEEE Internet Comput..

[24]  Fred B. Schneider Network Neutrality versus Internet Trustworthiness? , 2008, IEEE Security & Privacy Magazine.

[25]  Paul F. Syverson,et al.  Hiding Routing Information , 1996, Information Hiding.

[26]  Jon Postel,et al.  Internet Protocol , 1981, RFC.

[27]  Simon Singh,et al.  The Code Book , 1999 .

[28]  Seung Yi,et al.  A Security-Aware Routing Protocol for Wireless Ad Hoc Networks , 2002 .

[29]  Edwin K. P. Chong,et al.  A multiconstraint QoS routing scheme using the depth-first search method with limited crankbacks , 2001, 2001 IEEE Workshop on High Performance Switching and Routing (IEEE Cat. No.01TH8552).

[30]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[31]  Ossama Younis,et al.  Constraint-based routing in the internet: Basic principles and recent research , 2003, IEEE Communications Surveys & Tutorials.

[32]  Lixia Zhang,et al.  Geographically Informed Inter-Domain Routing , 2007, 2007 IEEE International Conference on Network Protocols.

[33]  Zhaoyu Liu,et al.  A dynamic trust model for mobile ad hoc networks , 2004, Proceedings. 10th IEEE International Workshop on Future Trends of Distributed Computing Systems, 2004. FTDCS 2004..

[34]  Robin Kravets,et al.  Security-aware ad hoc routing for wireless networks , 2001, MobiHoc '01.

[35]  Bobby Bhattacharjee,et al.  Scalable application layer multicast , 2002, SIGCOMM '02.

[36]  Ramesh Govindan,et al.  Heuristics for Internet map discovery , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).