Engaging edge networks in preventing and mitigating undesirable network traffic


We address the security vulnerabilities in existing protocols for network traffic authentication, by engaging edge networks in defending against undesirable traffic. In the proposed PATRICIA architecture, edge networks cooperate to prevent misbehaving sources from flooding traffic in both control and data channels. Moreover, edge networks employ an endorsement procedure to approve data communications among local and remote hosts, hence breaking down potential collusion between those hosts. The protection mechanism is only activated for hosts under attack, therefore minimizing the control traffic bandwidth and processing overhead. Our performance evaluation demonstrates the effectiveness of PATRICIA.

Publication Title

2007 3rd IEEE Workshop on Secure Network Protocols, NPSec