Managing and Securing the Global Multicast Infrastructure

Abstract

A lack of mechanisms to monitor and manage multicast networks has adversely affected progress in several areas critical for successful deployment. One such area involves discovering and solving multicast security vulnerabilities. Although a number of vulnerabilities exist, the most troubling are a set of easily exploited Denial-of-Service (DoS) attacks. The main reason for this concern is that the one-to-many nature of multicast can significantly magnify the effects of these attacks. Among the possible multicast DoS attacks, those that target the the Multicast Source Discovery Protocol (MSDP) can be most damaging. MSDP vulnerabilities are unusually easy to exploit and can lead to infrastructure-wide damage. In this paper, our goal is to develop a security framework that protects against DoS attacks through detection and then “deflection.” In developing our framework, we first examine the vulnerability of multicast protocols, to DoS attacks. We use data collected with our global monitoring infrastructure, Mantra, to analyze the nature and effects of attacks that have already occurred. We then create additional, more virulent strains. Finally, we propose a family of solutions to detect and deflect the effects of each attack. Our techniques are evaluated by simulating their effectiveness against both real and simulated workloads.