Session privacy enhancement by traffic dispersion

Haim Zlatokrilov*, Hanoch Levy

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

8 Scopus citations

Abstract

Traditional network routing uses the single (shortest) path paradigm. This paradigm leaves the session vulnerable to a variety of security threats, such as eavesdropping. We propose to overcome this via dispersive routing, conducted over multiple paths. This increases significantly the costs inflicted on an attacker who wishes to eavesdrop sessions by hijacking network links (or routers). We formulate the Security Traffic Manager (STM) problem (route session fragments1, over multiple paths, so that protection against an attacker, with a known hijacking budget, is guaranteed) and the attacker problem (find the cheapest hijacking strategy). The problems are analyzed for cases in which the attacker must eavesdrop all the fragments as well for cases in which it must eavesdrop only a fraction of them. We analyze the theoretical complexity of these problems and offer algorithms for finding dispersive routes that guarantee security. Though some theoretical cases of the problem are shown to be NP-Hard, typical practical cases can be solved by polynomial time algorithms. We extend the STM problem to more practical situations where the goal of the STM is to guarantee privacy, using minimal number of limited-length paths. The algorithms are tested through simulation and shown to be efficient in many scenarios. The model and algorithms offered in this study can be used for deploying a "session enhanced security" service in packet networks2.

Original languageEnglish
Title of host publicationProceedings - INFOCOM 2006
Subtitle of host publication25th IEEE International Conference on Computer Communications
DOIs
StatePublished - 2006
EventINFOCOM 2006: 25th IEEE International Conference on Computer Communications - Barcelona, Spain
Duration: 23 Apr 200629 Apr 2006

Publication series

NameProceedings - IEEE INFOCOM
ISSN (Print)0743-166X

Conference

ConferenceINFOCOM 2006: 25th IEEE International Conference on Computer Communications
Country/TerritorySpain
CityBarcelona
Period23/04/0629/04/06

Keywords

  • Component
  • Eavesdrop
  • Multi-path routing
  • Security
  • Traffic dipersion

Fingerprint

Dive into the research topics of 'Session privacy enhancement by traffic dispersion'. Together they form a unique fingerprint.

Cite this