Increasing communications security through protocol parameter diversity

Title: Increasing communications security through protocol parameter diversity
Publication Type: Conference Paper
Year of Publication: 2006
Authors: Barrantes, E, Forrest, S
Conference Name: Proceedings of the 32nd Latin-American Conference on Informatics
Date Published: 08/2006
Publisher: Latin-American Conference on Informatics, CLEI
Conference Location: Santiago, Chile
Keywords: diversity defenses, networks, pulsing attacks, Security

Pulsing attacks use carefully synchronized high-rate low-duration bursts of traffic that are injected into a network to induce denial-of-service. These attacks are effective because the bursts force protocols into low-performance states. The synchronization relies on the fact that most computers run protocols with identical parameter values. The use of diverse parameter values could make the attacks much less likely to succeed. This paper describes how parameters in TCP protocol implementations can be automatically diversified, introduces several evaluation metrics, and assesses the efficacy of this defense using Kuzmanovic’s shrew pulsing attack. The experiments show that in a diversified environment under attack, some hosts can obtain near-normal throughput, while average network throughput is improved for most (but not all) attack scenarios. Heterogeneity of parameter values among hosts is key to the defense.