• DocumentCode
    1110852
  • Title

    Detecting compromised routers via packet forwarding behavior

  • Author

    Mizrak, Alper T. ; Savage, Stefan ; Marzullo, Keith

  • Author_Institution
    Bilkent Univ., Ankara
  • Volume
    22
  • Issue
    2
  • fYear
    2008
  • Firstpage
    34
  • Lastpage
    39
  • Abstract
    While it is widely understood that criminal miscreants are subverting large numbers of Internet-connected computers (e.g., for bots, spyware, SPAM forwarding), it is less well appreciated that Internet routers are also being actively targeted and compromised. Indeed, due to its central role in end-to-end communication, a compromised router can be leveraged to empower a wide range of direct attacks including eavesdropping, man-in-the-middle subterfuge, and denial of service. In response, a range or specialized anomaly detection protocols has been proposed to detect misbehaving packet forwarding between routers. This article provides a general framework for understanding the design space of this work and reviews the capabilities of various detection protocols.
  • Keywords
    Internet; telecommunication network routing; telecommunication security; Internet routers; Internet-connected computers; anomaly detection protocols; end-to-end communication; packet forwarding behavior; Buffer storage; Computer crime; Condition monitoring; Delay; Detectors; Internet; Protocols; Telecommunication traffic; Traffic control; Unsolicited electronic mail;
  • fLanguage
    English
  • Journal_Title
    Network, IEEE
  • Publisher
    ieee
  • ISSN
    0890-8044
  • Type

    jour

  • DOI
    10.1109/MNET.2008.4476069
  • Filename
    4476069
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1110852