Journal Name:
International Journal of Computer Science and information security
Volume:
14
Issue:
6
Pages From:
10
To:
15
Date:
Wednesday, June 1, 2016
Keywords:
TCP, MPTCP, flooding, hijack, on-path, off-path, flooding, DoS
Abstract:
MPTCP is a new protocol proposed by IETF
working group as an extension for standard TCP, it adds the
capability to split the TCP connection across multiple paths. It
provides higher availability and improves the throughput
between two multi-address endpoints. Many Linux distributions
have been developed to support MPTCP, most of them are open
source which can be modified and compiled to support different
experimental scenarios. Splitting the single path TCP connection
across multiple paths adds new challenges in paths management
and raises new security threats. Some of these threats include
flooding and hijacking attacks performed by on-path and offpath
attackers. In this article, we propose a new algorithm to
mitigate the flooding and hijacking attacks in MPTCP, the
proposed method allows a stateful processing of the initial SYN
message and it’s following SYN_JOIN messages.
