• Summary
• Related Documents
  • Active Bibliography
  • Co-citation
• Version History

Popular Tags

No tags have been applied to this document.

Add a tag:

BibTeX | Add To MetaCart

@INPROCEEDINGS{Bradley98detectingdisruptive,
    author = {Kirk A. Bradley and Steven Cheung and Nick Puketza and Biswanath Mukherjee and Ronald A. Olsson},
    title = {Detecting Disruptive Routers: A Distributed Network Monitoring Approach},
    booktitle = {In Proceedings of the IEEE Symposium on Research in Security and Privacy},
    year = {1998},
    pages = {115--124}
}

Years of Citing Articles

Abstract:

An attractive target for a computer system attacker is the router. An attacker in control of a router can disrupt communication by dropping or misrouting packets passing through the router. We present a protocol called WATCHERS that detects and reacts to routers that drop or misroute packets. WATCHERS is based on the principle of conservation of ow in a network: all data bytes sent into a node, and not destined for that node, are expected to exit the node. WATCHERS tracks this ow, and detects routers that violate the conservation principle. We show that WATCHERS has several advantages over existing network monitoring techniques. We argue that WATCH-ERS ' impact on router performance and WATCHERS' memory requirements are reasonable for many environments. We demonstrate that in ideal conditions WATCHERS makes no false-positive diagnoses. We also describe how WATCHERS can be tuned to perform nearly as well in realistic conditions. c 1998 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. Kirk Bradley's current a liation is SRI International, 333

Citations