
Document Type

Open Access

Degree Program

Electrical & Computer Engineering

Degree Type

Master of Science (M.S.)

Year Degree Awarded

2012

Month Degree Awarded

September

Keywords

Internet, Packet Drop, Distributed Detection, Controller, Security, Security Model

Abstract

With the introduction of programmability and dynamic protocol deployment in routers, there would be an increase in potential vulnerabilities and attacks. The next-generation Internet promises to provide a fundamental shift in the underlying architecture to support dynamic deployment of network protocols. In this thesis, we consider the problem of detecting malicious packet drops in routers. Specifically, we focus on an attack scenario where a router selectively drops packets destined for another node. Detecting such an attack is challenging since it requires differentiating malicious packet drops from congestion-based packet losses. We propose a controller-based malicious packet detection technique that effectively detects malicious routers using a delayed sampling technique and verification of the evidence. The verification involves periodically determining congestion losses in the network and comparing the forwarding behaviors of the adjoining routers to affirm the state of a router in the network. We provide a performance analysis of the detection accuracy and quantify the communication overhead of our system. Our results show that our technique provides accurate detection with low performance overhead.

First Advisor

Tilman Wolf
