Title
Data Enriched SACK: A Novel Acknowledgement Generation Scheme for Secure SCTP
Abstract
The Stream Control Transmission Protocol (SCTP) is inherently vulnerable to optimistic Selective Acknowledgement (SACK) spoofing. We highlight a threat scenario in which this vulnerability is exploited for the generation of a sustained and powerful Denial-of-Service attack flood over the Internet. We identify and analyze a fundamental design limitation in SCTP that leads to the above-mentioned vulnerability and propose a novel acknowledgement generation scheme, called Data Enriched SACK (DESACK), to make SCTP robust against optimistic SACK spoofing. We present the design and implementation details of DESACK. The proposed scheme is experimentally implemented, tested and integrated into the SCTP framework in the Linux Kernel. We also provide real-world experimental results to demonstrate the feasibility and effectiveness of DESACK on a highly loaded multi-hop production network.
Year
2014
DOI
10.1109/LCOMM.2014.2367109
Venue
Communications Letters, IEEE
Keywords
Internet, Linux, computer network security, operating system kernels, protocols, Linux kernel, acknowledgement generation scheme, data enriched SACK, denial-of-service attack, multihop production network, selective acknowledgement, stream control transmission protocol, DESACK, Data Enriched SACK, Optimistic SACK Spoofing, SCTP, Stream Control Transmission Protocol, Stream control transmission protocol, optimistic SACK spoofing
DocType
Journal
Volume
18
Issue
12
ISSN
1089-7798
Citations
0
PageRank
0.34
References
0
Authors
2
Name
Order
Citations
PageRank
V. Anil Kumar111.36
Debabrata Das26123.61