Can MPTCP secure Internet communications from man-in-the-middle attacks?

Nguyen, Ho-Dac-Duy; Phung, Chi-Dung; Secci, Stefano; Felix, Benevid; Nogueira, Michele

doi:10.23919/cnsm.2017.8255970

Cited by 9 publications

(7 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Jadin et al [41] designed a secure MPTCP variant by closely integrating authentication and encryption inside the MPTCP protocol. Nguyen et al [42] investigated the Autonomous System (AS)-level Man-in-the-Middle (MITM) attacks acting at the robustness of MPTCP communications, reported which countries and regions had a high-level of robustness against the MITM attacks by studying the AS level graph, and provided a countermeasure in preventing MPTCP from the AS-level MITM attacks when concurrently using multiple Internet-scale paths for multipath communications. Munir et al [43] first reported the potential security vulnerabilities in MPTCP due to crosspath interactions among MPTCP subflows, caused by two typical attacks: connection hijack attacks and directed traffic diversion attacks, and then proposed the corresponding countermeasure proposal to guarantee MPTCP to be no less secure than TCP under the two typical attacks.…”

Section: F Mptcp Security Casesmentioning

confidence: 99%

Can Multipath TCP be Robust to Cyber Attacks With Incomplete Information?

et al. 2020

View full text Add to dashboard Cite

Promoted by the advancements in the various wireless access technologies, modern mobile devices equipped with multiple network interfaces are rapidly becoming the norm, and this provides a driving force for the large-scale deployment of the Multipath Transmission Control Protocol (MPTCP) in the current and future Internet. However, the simultaneous use of multiple network paths for concurrent multipath data transmission can make MPTCP have a larger attack surface than the traditional single-path transport protocols, and this may be likely to pose a risk of MPTCP being much more susceptible to cyber attacks. In this paper, we present a measurement method to investigate the vulnerability and robustness of MPTCP under cyber attacks with incomplete network information, by considering the fact that most cyber attacks normally lack of real-time information with respect to various MPTCP attributes. We mathematically characterize cyber attacks with incomplete network information from the viewpoints of both the cyber attacker and the MPTCP communication system, and then we introduce a mixed attack strategy, by jointly considering the features of both the random attacks and the selective attacks, to evaluate the robustness of MPTCP.

show abstract

Section: F Mptcp Security Casesmentioning

confidence: 99%

Can Multipath TCP be Robust to Cyber Attacks With Incomplete Information?

et al. 2020

View full text Add to dashboard Cite

show abstract

“…In [36], cryptography based solutions are proposed against eavesdropping. The authors in [6] [43], we attempt to provide a response to such questions.…”

Section: Internet Mitm Attacksmentioning

confidence: 99%

MPTCP robustness against large-scale man-in-the-middle attacks

et al. 2019

Self Cite

View full text Add to dashboard Cite

Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed at large scale. Recently, the Multipath Transmission Control Protocol (MPTCP) extension was standardized and is undergoing rapid adoption in many different use-cases, from mobile to fixed access networks, from data-centers to core networks. Among its major benefits-i.e., reliability thanks to backup path rerouting, throughput increase thanks to link aggregation, and confidentiality being more difficult to intercept a full connection-the latter has attracted lower attention. How effective would be to use MPTCP, or an equivalent multipath transport layer protocol, to exploit multiple Internet-scale paths and decrease the probability of Man-in-the-Middle (MITM) attacks is a question which we try to answer. By analyzing the Autonomous System (AS) level graph, we identify which countries and regions show a higher level of robustness against MITM AS-level attacks, for example due to core cable tapping or route hijacking practices.

show abstract

“…Neste caso, o caminho de ida (P ij ) e o de volta (P ji ) podem ser assimétricos, sendo i e j um endereço IP de N s e N d , respectivamente. Contudo, as regras de roteamento não impedem que os caminhos de uma mesma conexão MPTCP compartilhem um ou mais enlaces na rede [Nguyen et al 2017]. Conforme ilustra a Figura 1, os nós de origem N s e de destino N d possuem dois endereços IP cada.…”

Section: Identificando Os Caminhos Não Compartilhadosunclassified

“…O projeto desse escalonador segue a premissa de que os caminhos possuem uma alta diversidade, ou seja, não compartilham enlaces. Porém, isto nãoé válido em redes reais, como a Internet, em que as regras de roteamento tradicionais guiam os pacotes de um fluxo TCP por uma mesma rota [Nguyen et al 2017]. Como o MPTCP utiliza sub-fluxos TCP, as regras de roteamento os consideram como fluxos TCP distintos, podendo ser transmitidos por caminhos compartilhados.…”

Section: Introductionunclassified

Escalonador de Pacotes para Transmissão por Multi-caminhos Não-Correlacionados em Redes Heterogêneas sem Fio

Felix¹,

Steuck²,

Santos³

et al. 2018

Anais Do XXXVI Simpósio Brasileiro De Redes De Computadores E Sistemas Distribuídos (SBRC 2018)

Self Cite

View full text Add to dashboard Cite

Esforços acadêmicos e industriais buscam melhorar o desempenho das redes heterogêneas sem fio para que ofereçam os requisitos míninos de latência e vazãoás aplicações sensíveis ao atraso, tais como jogos online, e fluxos de voz e vídeo. O Protocolo de Controle de Transmissão Multi-caminhos (MPTCP) foi projetado para atender a essa demanda. Ele provê um escalonador redundante, que replica os pacotes de dados em múltiplos caminhos, para contrabalançar os efeitos negativos da heterogeneidade. Entretanto, gargalos compartilhados entre os caminhos fim-a-fim reduzem os benefícios providos pelo escalonador. Desta forma, este trabalho apresenta RED (REdundant Diversity scheduling), um escalonador que prioriza a replicação dos pacotes por caminhos não-correlacionados. RED replica os pacotes nos caminhos com base no coeficiente de correlação de Spearman. Os resultados demonstram que RED prioriza o uso de caminhos com baixa correlação e reduz a sobrecarga na rede com um menor número de pacotes replicados, além de prover uma melhora significativa no desempenho da transmissão.

show abstract

Can MPTCP secure Internet communications from man-in-the-middle attacks?

Cited by 9 publications

References 32 publications

Can Multipath TCP be Robust to Cyber Attacks With Incomplete Information?

Can Multipath TCP be Robust to Cyber Attacks With Incomplete Information?

MPTCP robustness against large-scale man-in-the-middle attacks

Escalonador de Pacotes para Transmissão por Multi-caminhos Não-Correlacionados em Redes Heterogêneas sem Fio

Contact Info

Product

Resources

About