Title
Multipath TCP security over different attacks
Abstract
Due to the increasing demand for bandwidth and the availability of multi‐homed devices, Multipath TCP (MPTCP) is an emerging protocol that uses multiple paths simultaneously to transfer data, seamlessly utilizing their bandwidth. Security is an important issue in any system, especially in a communication network. Since MPTCP has multiple paths, it leaves many doors open to an adversary, especially at the time of connection initiation. These attacks include the man‐in‐the‐middle attack (MM), the denial‐of‐service (DoS) attack, and the SYN flooding attack. This article proposes a new opportunistic security protocol, named secure connection multipath TCP (SCMTCP), that uses elliptic curve cryptography to generate the secret key. It also uses a third‐party certificate authority to ensure the authenticity of the public keys exchanged between the communicating parties. The SCMTCP generates a session key at the time of the initial handshake (with the MP_CAPABLE option) and protects the MPTCP from the man‐in‐the‐middle attack. It uses the session key to generate a unique authentication key for each new subflow within the host, authenticating the subflows and protecting the MPTCP from DoS and SYN flooding attacks. This article analyzes the security complexity of the SCMTCP using the random oracle model and shows that it is not possible for an attacker to obtain any security key and break the MPTCP security.

In this research paper, we proposed a security mechanism for Multipath TCP (MPTCP), named secure connection multipath TCP (SCMTCP). The SCMTCP is an opportunistic security protocol that generates the secret keys for an MPTCP host. The SCMTCP generates a unique session key for an MPTCP session using the secret keys and a hash function. It also generates a unique authentication key for each new subflow during subflow initiation using the session key.
The SCMTCP security protocol has three modules, one for each MPTCP option: SCMTCP with MP_CAPABLE (SCMTCP_MPC), SCMTCP with MP_JOIN (SCMTCP_MPJ), and SCMTCP with ADD_ADDR (SCMTCP_ADA). The SCMTCP_MPC generates a unique session key for an MPTCP session. It secures the initial connection of MPTCP hosts, which is requested through the MP_CAPABLE option and carries secret information such as session information. After the first subflow is established, all remaining available connections are requested through the MP_JOIN option. The SCMTCP_MPJ generates a unique authentication key for each newly requested connection and exchanges key information, such as the nonce and authentication keys, using the MP_JOIN option. It protects the MPTCP from the DoS attack. If a new connection of a host becomes available during the MPTCP session, it is requested using the ADD_ADDR option. The SCMTCP_ADA generates a unique authentication key for each connection requested through the ADD_ADDR option. It protects the MPTCP from the ADD_ADDR attack by putting an authentication key into the ADD_ADDR packet.
Year: 2020
DOI: 10.1002/ett.4081
Venue: Periodicals
DocType: Journal
Volume: 31
Issue: 9
ISSN: 2161-3915
Citations: 0
PageRank: 0.34
References: 0
Authors: 2
Name, Order, Citations, PageRank
Rajnish Kumar Chaturvedi, 1, 0, 0.34
S. Chand, 2, 100, 20.69