KIT | KIT-Bibliothek | Impressum | Datenschutz

Credit-Based Authorization for Concurrent IP-Address Tests

Vogt, Christian

Abstract (englisch):
Route optimization enables mobile nodes to directly communicate with one another. This is an important efficiency benefit of modern mobility protocols like Mobile IPv6 or the Host Identity Protocol. However, route optimization can introduce the possibility for a new type of amplified flooding attacks if designed without care: An attacker may misuse the protocol to trick its peer into redirecting a flow of packets to a false, i.e., a victim's, IP address. A precautionary counter-measure used by various mobility protocols is to first determine whether the right node is present at a new IP address before any data packets are sent to that address. The test can be as simple as a ping carrying some unguessable, to-be-returned piece of data. Yet, an unfortunate side effect of this common approach is that it increases handover latency by one round-trip time, precluding interactive or real-time applications in many scenarios. This paper proposes a credit-based strategy that allows peers to continue communications while a new IP address is being examined. The optimization is exemplarily applied to Mobile IPv6 and the Host Identity Protocol, f ... mehr



Seitenaufrufe: 19
seit 01.12.2018
Zugehörige Institution(en) am KIT Institut für Telematik (TM)
Publikationstyp Proceedingsbeitrag
Jahr 2005
Sprache Englisch
Identifikator KITopen-ID: 1000087951
Erschienen in 14th IST Mobile and Wireless Communications Summit, Dresden, Germany, 19 - 23 Juni 2005. Hrsg.: G. Fettweis
Verlag Wiley, Chichester
Seiten 1-5
Serie European transactions on telecommunications ; 17,2
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page