We will discuss a novel approach to building safeguards against
denial of service attacks against communication protocols. Our
approach involves changes to the relevant communication protocol
subject to the following constraint: the protocol that results from
the change must be backward compatible with the unchanged protocol.
That is, an entity that employs the changed protocol must be able
to communicate with an entity that employs the unchanged version.
We will look at a specific problem in this context. The problem
involves a class of denial of service attacks against IP. The class
is called ARP (Address Resolution Protocol) cache poisoning and
involves an attacker introducing a spurious IP-to-Ethernet mapping
in a victim's ARP cache. We will discuss our solution and some
aspects of its implementation. Apart from being backward compatible,
our solution has two favourable properties: it is implemented as
middleware, and it is asynchronous.
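
An added illustration, not the authors' solution or code: a passive monitor that parses Ethernet/IPv4 ARP payloads and reports when an IP address already bound to one Ethernet address is later claimed by another, which is the spurious mapping described above. All function and class names, and the sample addresses, are constructed for this example.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"          # RFC 826 field layout for Ethernet/IPv4
ARP_LEN = struct.calcsize(ARP_FMT)  # 28 bytes

def parse_arp(payload: bytes):
    """Return (oper, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(payload) < ARP_LEN:
        return None                  # truncated packet
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or oper not in (1, 2):
        return None
    return oper, sha.hex(":"), socket.inet_ntoa(spa)

class BindingMonitor:
    """Remembers the first MAC seen for each IP and reports later conflicts."""
    def __init__(self):
        self.bindings = {}

    def observe(self, payload: bytes):
        parsed = parse_arp(payload)
        # Skip unparsable packets and ARP probes (sender IP 0.0.0.0),
        # which carry no sender binding.
        if parsed is None or parsed[2] == "0.0.0.0":
            return None
        _oper, mac, ip = parsed
        known = self.bindings.setdefault(ip, mac)
        if known != mac:
            return f"{ip} was {known}, now claimed by {mac}"
        return None

def make_arp(oper, sha, spa, tpa):
    """Build a constructed sample payload; the target MAC is left as zeros."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, bytes.fromhex(sha.replace(":", "")),
                       socket.inet_aton(spa), bytes(6), socket.inet_aton(tpa))

# Constructed sample traffic (addresses are made up for illustration).
SAMPLE = [
    make_arp(2, "02:00:00:00:00:01", "192.0.2.1", "192.0.2.10"),  # first binding
    make_arp(1, "02:00:00:00:00:10", "0.0.0.0", "192.0.2.10"),    # ARP probe
    make_arp(2, "02:00:00:00:00:66", "192.0.2.1", "192.0.2.10"),  # conflicting claim
]

def run_sample():
    mon = BindingMonitor()
    return [mon.observe(p) for p in SAMPLE]
```

A binding change can also be legitimate (address reassignment, interface replacement), so an alert from such a monitor is a prompt to verify the mapping rather than proof of poisoning.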