Preserving TCP Connections Across Host Address Changes

  • Conference paper
Information Security (ISC 2006)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 4176)

Abstract

The predominance of short-lived connections in today’s Internet has created the perception that it is perfectly acceptable to change a host’s IP address with little regard for established connections. Indeed, the increased mobility offered by laptops with wireless network interfaces and the aggressive use of short DHCP leases are leading the way towards an environment where IP addresses are transient and last for short time periods. However, there is still a place for long-lived connections (typically lasting hours or even days) for remote login sessions, over-the-network backups, etc. There is, therefore, a real need for a system that allows such connections to survive changes in the IP addresses of the hosts at either end of the connection.

In this paper we present a kernel-based mechanism that recognizes address changes and recovers from them. Furthermore, we discuss the security implications of such a scheme, and show that our system provides an effective defense against both eavesdropping and man-in-the-middle attacks.

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Prevelakis, V., Ioannidis, S. (2006). Preserving TCP Connections Across Host Address Changes. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds) Information Security. ISC 2006. Lecture Notes in Computer Science, vol 4176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11836810_22

  • DOI: https://doi.org/10.1007/11836810_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-38341-3

  • Online ISBN: 978-3-540-38343-7

  • eBook Packages: Computer Science, Computer Science (R0)
