End-to-End Mobility Support: Combining Security and Efficiency
Autor: C. Vogt Links:
Quelle: September 2004
Mobility-management protocols like Mobile IPv6, Mobike, or HIP allow a mobile node to continue ongoing communication sessions in spite of IP-address changes that come along with inter-IP-network movements. Feigned IP-address changes, however, are a new opportunity for malicious parties to wage flooding attacks against arbitrary victims. The severity of these flooding attacks is that they can be highly amplified with respect to both data volume and data rate. An attacker could pretend to have moved and claim ownership of a victim's IP address, redirecting packets away from itself towards the victim. All flooding packets would be generated not by the attacker, but by the attacker's correspondent. The solution to this threat is usually a probe being sent to any new IP address before that IP address can be used as a destination for payload packets. Unfortunately, all probing mechanisms take at least one round-trip time to conclude. Having to wait this long seems unfeasible for many Internet applications. Doing the IP-address test in parallel with already using the IP address would be highly beneficial. Such a mechanism, Credit-Based Authorization, is currently being discussed in the IETF and IRTF research communities. This presentation explains the issue of flooding attacks with regard to mobility as well as the precautions mobility-management protocols take to prevent such attacks. Mobile IPv6 is considered as an example. The presentation also discusses the latency implications that these precautions incur upon Internet applications or higher-layer protocols, and it takes a look on how Credit-Based Authorization can mitigate this.