We consider forged address attacks in communication networks, wherein an attacking node forges the address of communication requests sent to a victim node. Unless the victim can ascertain the origin of the attack, it must cease to respond to communication requests until the attack subsides. We examine the problem of identifying a minimum cardinality subset of nodes on a network, such that placing route-based filters on these nodes provides a prescribed level of security. We model the problem as an integer program and illustrate its performance on randomly generated networks. Next, we develop a greedy heuristic to deploy filters in these networks, and compare its solution quality to that of the integer programming approach. These findings are then used to motivate both the importance of addressing this problem by optimal techniques and to motivate future research approaches for solving such problems.
|Original language||English (US)|
|Number of pages||13|
|Journal||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|State||Published - Dec 1 2004|
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)