A Topological Characterization of TCP/IP Security
نویسنده
چکیده
The TCP/IP protocol suite has been designed to provide a simple, open communication infrastructure in an academic collaborative environment. Little attention has been paid to security issues. Therefore, the TCP/IP protocols are not able to provide the authentication, integrity, and privacy mechanisms to protect communication in a hostile environment. To solve the security problem, several secure higher-level protocols have been designed and implemented on top of TCP/IP, and ad hoc techniques have been developed to protect enterprise networks from TCP/IP-based attacks. Nonetheless, a formal approach to TCP/IP security is still lacking. This work presents a formal model of TCP/IP networks and describes some well-known attacks using the model. The formal topological characterization of TCP/IP security enables better understanding of the vulnerabilities and supports the design of tougher detection, protection and testing tools.
منابع مشابه
Evaluating Multipath TCP Resilience against Link Failures
Standard TCP is the de facto reliable transfer protocol for the Internet. It is designed to establish a reliable connection using only a single network interface. However, standard TCP with single interfacing performs poorly due to intermittent node connectivity. This requires the re-establishment of connections as the IP addresses change. Multi-path TCP (MPTCP) has emerged to utilize multiple ...
متن کاملTCP/IP Attacks, Defenses and Security Tools
The TCP/IP protocol suite is the foundation of Internet and is ubiquitous in almost all networks worldwide. It was written as a robust protocol, which is able to communicate despite node failures. The design parameters of TCP did not weigh security as important and placed an implicit trust on nodes. The result was a protocol which was reliable and robust, but contained myriad inherent security ...
متن کاملRepresenting TCP/IP Connectivity For Topological Analysis of Network Security
The individual vulnerabilities of hosts on a network can be combined by an attacker to gain access that would not be possible if the hosts were not interconnected. Currently available tools report vulnerabilities in isolation and in the context of individual hosts in a network. Topological vulnerability analysis (TVA) extends this by searching for sequences of interdependent vulnerabilities, di...
متن کاملA New Security Architecture for TCP/IP Protocol Suite
With the rapid growth and usage of Internet, network security becomes a major issue in the field of research. TCP and IP are the two protocols, which is basis for today’s Internet. IPv4 is the Internet protocol that is replaced with IPv6, which comes with the build mechanism called IPsec for security. But it lacks security in the application layer of TCP/IP Protocol suite. So there is a need fo...
متن کاملOn Teaching TCP/IP Protocol Analysis to Computer Forensics Examiners
Digital investigators have an increasing need to examine data network logs and traffic, either as part of criminal or civil investigations or when responding to information security incidents. To truly understand the contents of the logs and the data packets, examiners need to have a good foundation in the protocols comprising the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. ...
متن کامل