Skip to main content
SpringerLink
Log in

Virtual Authentication Ring for Securing Network Operations

  • Chapter
New Technologies, Mobility and Security

Securing network operations in a distributed environment is essential for today’s communications yet is complex. Different than client /server architecture a distributed environment may contain peer to peer, overlay or arbitrary distributed network protocols without a centralized server for network control, and authentication has to be conducted in a distributed way to deal with malicious nodes in the network. In this paper we study authentication in a distributed environment for detecting malicious nodes when they launch attacks or disrupt applications. We propose a virtual authentication ring architecture and present a token ring authentication algorithm for detecting malicious nodes

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Rowstron A. and Druschel. P. Pastry: Scalable, distributed object location and routing for largescale peer-to-peer systems. In Proc. IFIP/ACM Middleware 2001, Heidelberg, Germany, 2001.

    Google Scholar 

  2. Baruch Awerbuch and Christian Scheideler. Towards a scalable and robust DHT. In SPAA’06: Proceedings of the eighteenth annual ACM symposium on Parallelism in algorithms and architectures, 2006, pages 318.327,

    Google Scholar 

  3. Matthew Caesar et al. Virtual ring routing: network routing inspired by DHTs. In SIGCOMM’06: Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications, 2006, pages 351.362.

    Google Scholar 

  4. Miguel Castro et al. Secure routing for structured peer-to-peer overlay networks. SIGOPS Oper. Syst. Rev., 36(SI):299.314, 2002.

    Google Scholar 

  5. Prashant Dewan and Partha Dasgupta. Pride: peer-to-peer reputation infrastructure for decentralized environments. In WWW Alt. ’04: Proceedings of the 13th international World Wide Web conference on Alternate track papers & posters, 2004, pages 480.481.

    Google Scholar 

  6. John R. Douceur and Jon Howell. Byzantine Fault Isolation in the Farsite Distributed File System. In IPTPS. ’06: Proceedings of the 5th International Workshop on Peer-to-Peer Systems, Santa Barbara,CA,USA, February 2006.

    Google Scholar 

  7. J. Kohl and C. Neuman. The kerberos network authentication service, 1993.

    Google Scholar 

  8. Naoum Naoumov and Keith Ross. Exploiting p2p systems for ddos attacks. In InfoScale’06: Proceedings of the 1^st international conference on Scalable information systems, 2006, page 47.

    Google Scholar 

  9. Sylvia Ratnasamy et al. A scalable content-addressable network. In SIGCOMM’01: Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, 2001, pages 161.172.

    Google Scholar 

  10. Emil Sit and Robert Morris. Security Considerations for Peer-to-Peer Distributed Hash Tables. In IPTPS’01: Revised Papers from the First International Workshop on Peer-to-Peer Systems, 2002, pages 261.269, London, UK.

    Google Scholar 

  11. Mudhakar Srivatsa and Ling Liu. Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis. In ACSAC’04: Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC’04), pages 252.261, Washington, DC, USA, 2004.

    Google Scholar 

  12. Ion Stoica et al . Chord: A Scalable Peer to peer Lookup Service for Internet Applications. In Proceedings of ACM SIGCOMM’01, UC San Diego, CA, USA, August 2001.

    Google Scholar 

  13. Dan S. Wallach. A Survey of Peer-to-Peer Security Issues.

    Google Scholar 

  14. B.Y. Zhao, J.D. Kubiatowicz, and A.D. Joseph. Tapestry: An infrastructure for fault-resilient wide-area location and routing. Technical Report. UMI Order Number: CSD-01-1141, University of California at Berkeley. 2001.

    Google Scholar 

  15. HAvard Johansen et al. Fireflies: Scalable Support for Intrusion-Tolerant Network Overlays. Eurosys 2006. Leuven, Belgium. April 2006.

    Google Scholar 

  16. Yih-Chun Hu et al. Efficient Security Mechanisms for Routing Protocols, In Proceedings of the Tenth Annual Network and Distributed System Security Symposium (NDSS 2003), pp. 57.73, ISOC, San Diego, CA, February 2003.

    Google Scholar 

  17. Richard BEejtlich, The TAO of Network Security Monitoring, ISBN:0-321-24677-2

    Google Scholar 

  18. Prahlad Fogla and Wenke Lee, Evading Network Anomaly Detection Systems: Formal Reasoning and Practical Techniques, CCS’06: Proceedings of the 13th ACM conference on Computer and communications security, pages 59.68, Alexandria, Virginia, USA

    Google Scholar 

  19. K. Wang and S. Stolfo. Anomalous payload-based network intrusion detection. In Recent Advances in Intrusion Detection (RAID), 2004.

    Google Scholar 

  20. K. Wang and S. Stolfo. Anomalous payload-based worm detection and signature generation. In Recent Advances in Intrusion Detection (RAID), 2005.

    Google Scholar 

  21. C. Kruegel and G. Vigna. Anomaly detection of web-based attacks. In Proceedings of the ACM Conference on Computer and Communication Security (ACM CCS), pages 251–261, 2003.

    Google Scholar 

  22. R. Sekar et al. Specification-based anomaly detection: A new approach for detecting network intrusions. In Proceedings of the ACM conference on Computer and communications security (ACM CCS), 2002.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, The Ohio State University, Ohio, USA

    Na Li & David Lee

Authors
  1. Na Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. ENST, Paris, France

    Houda Labiod

  2. CNRS, LIMOS Laboratory-UMR 6158, Aubiere, France

    Mohamad Badra

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer

About this chapter

Cite this chapter

Li, N., Lee, D. (2007). Virtual Authentication Ring for Securing Network Operations. In: Labiod, H., Badra, M. (eds) New Technologies, Mobility and Security. Springer, Dordrecht. https://doi.org/10.1007/978-1-4020-6270-4_27

Download citation

  • DOI: https://doi.org/10.1007/978-1-4020-6270-4_27

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-1-4020-6269-8

  • Online ISBN: 978-1-4020-6270-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation