Using Overlays to Improve Network Security

Keromytis, Angelos D.; Misra, Vishal; Rubenstein, Daniel Stuart

As we increase our dependency upon networked communication, the incentive to compromise and degrade network performance increases for those who wish to disrupt the flow of information. Attacks that lead to such compromise and degradation can come in a variety of forms, including distributed denial of service (DDoS) attacks, cutting wires, jamming transmissions, and monitoring/eavesdropping. Users can protect themselves from monitoring by applying cryptographic techniques, and the recent work has explored developing networks that react to DDoS attacks by locating the source(s) of the attack. However, there has been little work that addresses preventing the other kinds of attacks as opposed to reacting to them. Here, we discuss how network overlays can be used to complicate the job of an attacker that wishes to prevent communication. To amplify our point, we focus briefly on a study of preventing DDoS attacks by using overlays.



Also Published In

Scalability and traffic control in IP networks II: 31 July-1 August, 2002, Boston, USA

More About This Work

Academic Units
Computer Science
Proceedings of SPIE, 4868
Published Here
July 9, 2012