Can MPTCP secure Internet communications from man-in-the-middle attacks?

2017 13th International Conference on Network and Service Management (CNSM) Pub Date : 2017-04-10 DOI:10.23919/CNSM.2017.8255970

H. D. Nguyen, Chi-Dung Phung, Stefano Secci, Benevid Felix Silva, M. N. Lima

{"title":"Can MPTCP secure Internet communications from man-in-the-middle attacks?","authors":"H. D. Nguyen, Chi-Dung Phung, Stefano Secci, Benevid Felix Silva, M. N. Lima","doi":"10.23919/CNSM.2017.8255970","DOIUrl":null,"url":null,"abstract":"Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the Multipath Transmission Control Protocol (MPTCP) extension has been standardized and is undergoing rapid adoption in many different use-cases, from mobile to fixed access networks, from data-centers to core networks. Among its major benefits — i.e., reliability thanks to backup path rerouting, throughput increase thanks to link aggregation, and confidentiality being more difficult to intercept a full connection — the latter has attracted lower attention. How effective would be to use MPTCP to exploit multiple Internet-scale paths and decrease the probability of Man-in-the-Middle (MITM) attacks is a question which we try to answer. By analyzing the Autonomous System (AS) level graph, we identify which countries and regions show a higher level of robustness against MITM AS-level attacks, for example due to core cable tapping or route hijacking practices.","PeriodicalId":211611,"journal":{"name":"2017 13th International Conference on Network and Service Management (CNSM)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 13th International Conference on Network and Service Management (CNSM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/CNSM.2017.8255970","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

Abstract

Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the Multipath Transmission Control Protocol (MPTCP) extension has been standardized and is undergoing rapid adoption in many different use-cases, from mobile to fixed access networks, from data-centers to core networks. Among its major benefits — i.e., reliability thanks to backup path rerouting, throughput increase thanks to link aggregation, and confidentiality being more difficult to intercept a full connection — the latter has attracted lower attention. How effective would be to use MPTCP to exploit multiple Internet-scale paths and decrease the probability of Man-in-the-Middle (MITM) attacks is a question which we try to answer. By analyzing the Autonomous System (AS) level graph, we identify which countries and regions show a higher level of robustness against MITM AS-level attacks, for example due to core cable tapping or route hijacking practices.

查看原文本刊更多论文

MPTCP能保护互联网通信免受中间人攻击吗?

长期以来，互联网规模的多路径通信一直是一个神话，没有部署任何实际的协议，以便同一个连接在通往互联网目的地的途中可以采用多条路径。最近，多路径传输控制协议(MPTCP)扩展已经标准化，并正在许多不同的用例中迅速采用，从移动到固定接入网络，从数据中心到核心网络。在它的主要优点中——例如，由于备份路径重路由而增加的可靠性，由于链路聚合而增加的吞吐量，以及更难以拦截完整连接的机密性——后者受到的关注较少。如何有效地使用MPTCP利用多个互联网规模的路径和减少中间人(MITM)攻击的可能性是我们试图回答的问题。通过分析自治系统(AS)级别图，我们确定哪些国家和地区对MITM AS级攻击具有更高的鲁棒性，例如由于核心电缆窃听或路由劫持行为。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 13th International Conference on Network and Service Management (CNSM)

自引率

0.00%

发文量