Abstract
The predominance of short-lived connections in today’s Internet has created the perception that it is perfectly acceptable to change a host’s IP address with little regard for established connections. Indeed, the increased mobility offered by laptops with wireless network interfaces and the aggressive use of short DHCP leases are leading the way towards an environment where IP addresses are transient and last for short time periods. However, there is still a place for long-lived connections (typically lasting hours or even days) for remote login sessions, over-the-network backups, etc. There is, therefore, a real need for a system that allows such connections to survive changes in the IP addresses of the hosts at either end of the connection.
In this paper we present a kernel-based mechanism that recognizes address changes and recovers from them. Furthermore, we discuss the security implications of such a scheme, and show that our system provides an effective defense against both eavesdropping and man-in-the-middle attacks.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Prevelakis, V., Ioannidis, S. (2006). Preserving TCP Connections Across Host Address Changes. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds) Information Security. ISC 2006. Lecture Notes in Computer Science, vol 4176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11836810_22
DOI: https://doi.org/10.1007/11836810_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-38341-3
Online ISBN: 978-3-540-38343-7
eBook Packages: Computer Science, Computer Science (R0)