White Papers

A Poisoning-Resilient TCP Stack

Overview The problem of large-scale TCP poisoning is treated: an attacker, who is able to monitor TCP packet headers in the network, can deny service to all flows traversing the monitoring point simply by injecting a single spoofed data or control packet into each of the flows. One of the entities responsible for this severe vulnerability is certainly the TCP protocol itself: it behaves as a "dummy" state machine that can more-than-easily become desynchronized by an attacker. This paper explores ways for upgrading TCP endpoints into viable DoS-resilient protocol entities, capable of mitigating large-scale poisoning attacks. It shows, by means of analytical modeling, simulations, and Internet experiments, how small upgrades implemented by the endpoints can dramatically improve resilience to attacks.

By downloading you agree to our Terms and Conditions. These include information regarding use of your personal data.

Publisher: Northwestern University
File Format: PDF
Date Published: Jan 9, 2008
Format: White Papers
Topics: TCP - IP

Similiar White Papers

A Taxonomy of the Linux Network Stack

This paper tries to give readers not familiar with the Linux network stack a gentle introduction to the fundamental conc

Publisher: Oracle | Tags: data, ip, kernel, linux, network

Cisco - Access Control Lists and IP Fragments

This white paper explains the different kinds of Access Control List (ACL) entries and what happens when different kinds

Publisher: Cisco Systems | Tags: ip

Magic Quadrant for Unified Communications, 2007

Unified Communications (UC) offer the ability to significantly improve how individuals, groups and companies interact an

Publisher: Gartner | Tags: applications, business applications, ip, pbx, uc, unified, unified messaging, voip

How Cisco IT Deploys Closed-Circuit TV Cameras Over the Secure IP Network

Cisco uses video surveillance to help keep its work environment secure. Two years ago, Cisco used a combination of camer

Publisher: Cisco Systems | Tags: cctv, data, digital, ip, network, surveillance, tv

VLAN Load Balancing Between Trunks Using the Spanning-Tree Protocol Port Priority

This paper provides the theory behind VLAN load balancing between trunks, and also provides configuration examples for s

Publisher: Cisco Systems | Tags: ip

Northwestern University White Papers

An Application of Central Limit Theorem to Wide Area Network Service Level Agreement Analyses

Featured white papers

The Value of Location Intelligence in the Communications Industry

Pitney Bowes

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities...

Download now »
Best Practices for Translating Customer Satisfaction into Revenue

Citrix Online

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language...

Download now »
HP print solutions and 3M

Hewlett-Packard (HP)

The objective for 3M was to optimize office printing infrastructure at 3M locations worldwide, reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print solutions...

Download now »