| In computer network, it usually uses layering to simplify the design and implementation of network. In order to reduce the coupling between upper and lower layers, each layer uses independent communication-attributes as far as possible in the design process. The purpose of address resolution protocols is to address the correspondence between the physical address of the link layer and the IP address of the network layer.In current network system, there are two models to deal with this correspondence relationship: one is the concentrated resolution model which is represented by domain name system; the other is autonomy discovery model which is represented by address resolution protocols. In autonomy discovery model, there is no authoritative server, address generation and use without registration and certification, so the address resolution protocols are very easy to be deceived. Security is an unavoidable problem of address resolution protocols. Aiming at the security threat the current address resolution protocols facing, we strive to achieve a better research results in the protocol mechanism design, key information hiding, the particularity of address resolution and security protocol design etc.First, we prove two important problems related to the address resolution protocols: The non-determinism of the correspondence relation and the equivalence of address resolution and duplicate address detection. Most of the studies use determine method to improve the security of resolution process, through the determination to filter the illegal message. This determination is completed by its own system software or third party devices. But the un-decidability of corresponding shows that the determination method is not perfect, the rate of false positive cannot be eliminated. The equivalence of address resolution and DAD shows that the protocols such as NDP, SEND etc. can be simplified in architecture, some functions can be combined, and the security methods of address resolution process and DAD should learn each other’s security methods.Furthermore, in view of the lack of theoretical support of protocol design, designing the address resolution protocol base on the game theory is proposed. In this paper, the protocol is analyzed from the perspective of game theory; the address resolution problem is isomorphic to the wallet problem in real world. From game tree analysis on the wallet problem, the weakness of traditional address resolution protocol is pointed out. From game theory, the address resolution can be seen as a three stages game. The first stage is signal design, the purpose of this stage is to design a reasonable signal to guarantee the security of the host; in second stage, the host needs send out the signal, other players decide whether to participate; in the th ird stage, mechanism decide the utility of each players base on the mechanism and utility function. Analysis shows that, if the mechanism is reasonable enough, rational players will give up the senseless attack, because the utility of attack is lower than the utility of normal participation.Secondly, this paper puts forward the duplicate address detection with WAY mechanism. In the initiating stage of traditional DAD process, the destination of detection(key information) is broadcast in LAN. All the hosts will get the information, so it makes the DAD process is easy to be attacked by Do S, making the node unable to configure the new address. In order to conquer this weakness, the paper proposes WAY mechanism. WAY mechanism use the destination of DAD process as the key information, through self declaration and WAY-table inspection, while using the reverse address validation make the attack node exposes the real MAC address, so as to filter the spoofing messages, it increases the cost of cheating node and can prevent second cheating.Third, this paper presents a reverse address resolution mechanism Re-AR. Mechanism design theory shows that the mechanisms of traditional address resolution protocols are unreasonable. It does not realize the purpose of mechanism design, that is to maximize the interests of the mechanism designer or as fair as possible, it makes malicious nodes can obtain more revenue through simple deception. Aiming at these problems, this paper puts forward the address resolution process and the duplicate address detection process based on the reverse mechanism. Base on the revelation principle of mechanism design, the IP and MAC of the host can be seen as private type in reverse address resolution process.In address resolution process, after node receives an address resolution request, it will send its private type to the source host with unicast. The source host gives the communication right to the destination host according to the mechanism. Due to the destination address is not shown in broadca st, it makes the attacker cannot carry out spoofing base on the destination address, so it effectively prevent fraud. In reverse duplicate address detection Re-DAD process, the destination address that to be detected is not given out, but it uses a prefix to give out the range of detection. Host needs to reply with the address that matches with the condition. Host checks all the addresses that it received, to determine whether there is an address conflict, thus significantly increased the difficulty of attack.Fourth, this paper presents seeking secret man problem SSM and a nonymous address resolution protocol AS-AR. In reality, there are many problems similar with the wallet problem. These problems have their own characteristics, we call these problems Seeking Secret Man in this paper. Address resolution is an example of SSM. In view of the SSM, a new security protocol is proposed, which is called SSM protocol. The problem that SSM needs to resolve is how to find the target safely in the case of critical information must be disclosed. This paper designs two models to employment the SSM. One is based on the random oracle model, the other is comprehensive security protocol. Base on the SSM protocol, we design a new address resolution process and a new duplicate address detection protocol. The new address resolution process is called Anonymous address resolution process; in addition to hiding the destination address that to be resolved, it also hiding source host‘s IP and MAC addresses. It realized anonymous address resolution. Experiments and analysis show that the anonymous address resolution process can not only prevent the attacks, but also effectively prevent the denial of service attacks.
|
PDF Full Text Request