Abstract
The TCP/IP protocol suite has been designed to provide a simple, open communication infrastructure in an academic, collaborative environment. Therefore, the TCP/IP protocols are not able to provide the authentication, integrity, and privacy mechanisms to protect communication in a hostile environment. To solve these security problems, a number of application-level protocols have been designed and implemented on top of TCP/IP. In addition, ad hoc techniques have been developed to protect networks from TCP/IP-based attacks. Nonetheless, a formal approach to TCP/IP security is still lacking. This work presents a formal model of TCP/IP networks and describes some well-known attacks using the model. The topological characterization of TCP/IP-based attacks enables better understanding of the vulnerabilities and supports the design of tougher detection, protection, and testing tools.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Shimomura, T., Markoff, J.: Takedown. Hyperion (1996)
Axelsson, S.: Intrusion Detection Systems: A Taxomomy and Survey. Technical Report 99-15, Dept. of Computer Engineering, Chalmers University of Technology, Sweden (March 2000)
Bace, R., Mell, P.: Special Publication on Intrusion Detection Systems. Technical Report SP 800-31, National Institue of Standards and Technology (November 2001)
Bellovin, S.: Security Problems in the TCP/IP Protocol Suite. Computer Communications Review 19(2) (1990)
Berge, C.: Hypergraphs. North-Holland, Amsterdam (1989)
CERT. Cert advisories (2003), http://www.cert.org
Chapman, B., Zwicky, E.: Building Internet Firewalls. O’Reilly & Associates, Sebastopol (1995)
Cheswick, W., Bellovin, S.: Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley, Reading (1994)
Computer Emergency Response Team. IP Spoofing Attacks and Hijacked Terminal Connections. CA-95:01 (January 1995)
Debar, H., Dacier, M., Wespi, A.: Towards a taxonomy of intrusion-detection systems. Computer Networks 31(8), 805–822 (1999)
Fielding, R., et al.: Hypertext Transfer Protocol – HTTP/1.1. RFC 2616 (June 1999)
International Organization for Standardization. Information Processing Systems - Open Systems Interconnection. International Standard (1986)
Freier, A., Karlton, P., Kocher, P.: The ssl protocol version 3.0. Internet draft draft-freier-ssl-version3-02.txt (November 1996)
Hess, D.K., Safford, D.R., Pooch, U.W.: A Unix Network Protocol Security Study: Network Information Service. Technical report, Texas A&M University (November 1992)
ISS. Realsecure 6.5 (February 2002), http://www.iss.net/
Joncheray, L.: A Simple Active Attack Against TCP. Technical report, Merit Network Inc. (April 1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vigna, G. (2003). A Topological Characterization of TCP/IP Security. In: Araki, K., Gnesi, S., Mandrioli, D. (eds) FME 2003: Formal Methods. FME 2003. Lecture Notes in Computer Science, vol 2805. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45236-2_49
Download citation
DOI: https://doi.org/10.1007/978-3-540-45236-2_49
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40828-4
Online ISBN: 978-3-540-45236-2
eBook Packages: Springer Book Archive