hop integrity in computer networks

《hop integrity in computer networks》由会员上传分享，免费在线阅读，更多相关内容在教育资源-天天文库。

1、*HopIntegrityinComputerNetworks†M.G.GoudaE.N.ElnozahyC.-T.HuangT.M.McGuire†DepartmentofComputerSciencesIBMAustinResearchLabTheUniversityofTexasatAustin11400BurnetRd,M/S9460Austin,TX78712-1188Austin,TX78758{gouda,chuang,mcguire}@cs.utexas.edumootaz@us.ibm.comAbstracti.SmurfAttack:InanIPnetwork,any

2、computercansenda“ping”Acomputernetworkissaidtoprovidehopintegrityiffmessagetoanyothercomputerwhichrepliesbysendingwhenanyrouterpinthenetworkreceivesamessagembacka“pong”messagetothefirstcomputerasrequiredsupposedlyfromanadjacentrouterq,thenpcancheckbyInternetControlMessageProtocol(orICMP,forshort)

3、thatmwasindeedsentbyq,wasnotmodifiedafteritwas[14].Theultimatedestinationinthepongmessageisthesent,andwasnotareplayofanoldmessagesentfromqsameastheoriginalsourceinthepingmessage.Antop.Inthispaper,wedescribethreeprotocolsthatcanadversarycanutilizethesemessagestoattackacomputerbeaddedtotheroutersin

4、acomputernetworksothatthedinsuchanetworkasfollows.First,theadversaryinsertsnetworkcanprovidehopintegrity.Thesethreeprotocolsintothenetworkapingmessagewhoseoriginalsourceisareasecretexchangeprotocol,aweakintegrityprotocol,computerdandwhoseultimatedestinationisamulticastandastrongintegrityprotocol.

5、Allthreeprotocolsareaddressforeverycomputerinthenetwork.Second,astateless,requiresmalloverhead,anddonotconstraincopyoftheinsertedpingmessageissenttoeverythenetworkprotocolintheroutersinanyway.computerinthenetwork.Third,everycomputerinthenetworkrepliestoitspingmessagebysendingapongmessagetocompute

6、rd.Thus,computerdisfloodedby1.Introductionpongmessagesthatitdidnotrequested.ii.SYNAttack:MostcomputernetworkssufferfromthefollowingToestablishaTCPconnectionbetweentwocomputerssecurityproblem:inatypicalnetwork,anadversary,thatcandd,oneofthetwocomputerscsendsa“SYN”hasanaccesstothenetwork,caninsertn

7、ewmessages,messagetotheothercomputerd.Whendreceivesthemodifycurrentmessages,orreplayoldmessagesintheSYNmessage,itreservessomeofitsresourcesforthenetwork.Inmanycases,theinserted,modified,orexpectedconnectionandsendsa“SY