NTUST - Mobilizing Information Technology Lab

NEW SECURE ROUTING METHOD & APPLICATIONS FACING MITM ATTACKS

Next Generation Networks and Services (NGNS), 2014

Advisor： Jenq-Shiou LeuStudent： Bing-Syuan WangDate： 2015/05/12National Taiwan University of Science and Technology

NTUST - Mobilizing Information Technology Lab 2

Outline• Introduction• Graph theory in computer network• Algorithm for pathfinder• Choice of a secure combination of paths to use• Conclusion

NTUST - Mobilizing Information Technology Lab 3

Introduction• Majority of solutions proposed till now for security are located at User

Application Level (Anti-Virus, Intrusion detector…).

• Routing is the act of moving information across an Internetwork from a source to a destination.

• Packet sniffing allows individuals to capture data as it is transmitted over a network.

• MITM: Main-in-the-middle attack

NTUST - Mobilizing Information Technology Lab 4

Introduction• Using Graph Theory

• Choose from possible paths given by pathfinder algorithm, all combinations that meet a number of criteria such as safety, speed, buffer size, etc.

NTUST - Mobilizing Information Technology Lab 5

Graph theory in computer network• Where is the set of vertices and is the set of edges, formed by pairs of

vertices.

• In this condition every Graph could be represented as a simple Matrix called adjacency matrix.

• The adjacency matrix of is a Matrix where is the number of nodes in G, and represent the weight of each edge.

NTUST - Mobilizing Information Technology Lab 6

Graph theory in computer network• Go from n1 to n6 we have:

n1 → n2 → n3 → n6• And

n1 → n2 → n5 → n3 → n6

NTUST - Mobilizing Information Technology Lab 7

Algorithm for pathFinder• Source = n0

• Destination = n2

NTUST - Mobilizing Information Technology Lab 8

Algorithm for pathFinder• no impact is foreseen on Routers if the number of hops does not exceed 12

NTUST - Mobilizing Information Technology Lab 9

Choice of a secure combination of paths to use• Source n0 and Destination n8

NTUST - Mobilizing Information Technology Lab 10

Choice of a secure combination of paths to use• The best solution will be to have at minimum two paths (Pi & Pj) with same

weight (wi = wj) and also using different intermediate nodes

• OSPF: Open Shortest Path First

• two paths with the same smallest total weight = 4 n0 → n4 → n8 = 4 n0 → n1 → n2 → n5 → n8 = 4

NTUST - Mobilizing Information Technology Lab 11

Choice of a secure combination of paths to use• When such solution is not possible, then we can consider another option which is to

look for two paths that satisfies the condition

• Again from past example we can consider the solution: n0 → n1 → n2 → n5 → n8 = 4 n0 → n3 → n6 → n4 → n7 → n8 = 8

• With: m1= 2 (2 messages on P1, load of 67%) w1 = 4 m2= 1 (1 messages on P2, load of 33%) w2 = 8

NTUST - Mobilizing Information Technology Lab 12

Conclusion• Using Graph Theory, this paper developed a new way of routing that includes

indirectly the notion of security, a simulation was done to confirm that this new method will not have any major impact on the router performance

• This paper highlighted some conditions to be used in order to chose the most safer combination of paths.

• Finally, Optimization is still needed in order to be able to handle more nodes in one AREA, and also to add the possibility to show only most secure paths in one algorithm.