Securing the Control-plane Channel and Cache of Pull-based ID/LOC Protocols

Albert Cabellos-Aparicio; Alberto Rodriguez-Natal; Fabio Maino; Florin Coras; Jordi Paillisse; Paul Almasan; Pere Barlet-Ros; Vina Ermagan

arxiv: 1803.08568 · v1 · pith:NXJPKKQNnew · submitted 2018-03-22 · 💻 cs.NI

Securing the Control-plane Channel and Cache of Pull-based ID/LOC Protocols

Paul Almasan , Jordi Paillisse , Alberto Rodriguez-Natal , Pere Barlet-Ros , Florin Coras , Vina Ermagan , Fabio Maino , Albert Cabellos-Aparicio This is my paper

classification 💻 cs.NI

keywords channelattackscachecontrol-planemappingsprotocolspull-basedcount-min

0 comments

read the original abstract

Pull-based ID/LOC split protocols, such as LISP (RFC6830), retrieve mappings from a mapping system to encapsulate and forward packets. This is done by means of a control-plane channel. In this short paper we describe three attacks against this channel (Denial-of-Service and overflowing) as well as the against the local cache used to store such mappings. We also provide a solution against such attacks that implements a per-source rate-limiter using a Count-Min Sketch data-structure.

This paper has not been read by Pith yet.

Securing the Control-plane Channel and Cache of Pull-based ID/LOC Protocols

discussion (0)