Network and System Security by John R. Vacca
Author:John R. Vacca
Language: eng
Format: mobi, pdf
ISBN: 9780124166950
Publisher: Elsevier Inc.
Published: 2013-09-02T04:00:00+00:00
Delay and Rushing
Delay is a natural consequence of implementations of the Internet architecture. Datagrams from a single connection typically transit a path across the Internet in bursts. This happens because applications at the sender, when sending large messages, tend to send messages larger than a single datagram. The transport layer partitions these messages into segments to fit the maximum segment size along the path to the destination. The MAC tends to output all the frames together as a single blast after it has accessed the medium. Therefore, routers with many links can receive multiple datagram bursts at the same time. When this happens, a router has to temporarily buffer the burst, since it can output only one frame conveying a datagram per link at a time. Simultaneous arrival of bursts of datagrams is one source of congestion in routers. This condition usually manifests itself at the application by slow communications time over the Internet. Delay can also be intentionally introduced by routers, such as via traffic shaping.
Attackers can induce delays in several ways. We illustrate this idea by describing two different attacks. It is not uncommon for an attacker to take over a router, and when this happens, the attacker can introduce artificial delay, even when the router is uncongested. As a second example, attackers with bot armies can bombard a particular router with “filler” messages, the only purpose of which is to congest the targeted router.
Rushing is the opposite problem: a technique to make it appear that messages can be delivered sooner than can be reasonably expected. Attackers often employ rushing attacks by first hijacking routers that service parts of the Internet that are fairly far apart in terms of network topology. The attackers cause the compromised routers to form a virtual link between them. A virtual link emulates a MAC layer protocol but running over a transport layer connection between the two routers instead of a PHY layer. The virtual link, also called a wormhole, allows the routers to claim they are connected directly by a link and so are only one hop apart. The two compromised routers can therefore advertise the wormhole as a “low-cost” path between their respective regions of the Internet. The two regions then naturally exchange traffic through the compromised routers and the wormhole.
An adversary usually launches a rushing attack as a prelude to other attacks. By attracting traffic to the wormhole endpoints, the compromised routers can eavesdrop and modify the datagrams flowing through them. Compromised routers at the end of a wormhole are also an ideal vehicle for selective deletion of messages.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7410)
Grails in Action by Glen Smith Peter Ledbrook(7303)
Kotlin in Action by Dmitry Jemerov(4653)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4135)
The Age of Surveillance Capitalism by Shoshana Zuboff(3429)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3251)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3033)
Mastering Python for Networking and Security by José Manuel Ortega(2960)
Blockchain Basics by Daniel Drescher(2895)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(2677)
TCP IP by Todd Lammle(2646)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(2497)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2486)
Hands-On Azure for Developers by Kamil Mrzyglod(2425)
Azure Containers Explained by Wesley Haakman & Richard Hooper(2378)
React Native - Building Mobile Apps with JavaScript by Novick Vladimir(2343)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2315)
The Social Psychology of Inequality by Unknown(2314)
The Art Of Deception by Kevin Mitnick(2301)