Browse > Article

Mtigating the IGMP Flooding Attacks for the IPTV Access Network  

Kim, Sung-Jin (포항공과대학교 정보통신대학원)
Kim, Yu-Na (포항공과대학교 컴퓨터공학과)
Kim, Jong (포항공과대학교 컴퓨터공학과)
Publication Information
Journal of KIISE:Computing Practices and Letters / v.15, no.12, 2009 , pp. 998-1002 More about this Journal
Abstract
In IPTV multicast architecture, the IGMP(Internet Group Management Protocol) is used for access networks. This protocol supports the functionality of join or leave for a specific multicast channel group. But, malicious attackers can disturb legitimate users being served appropriately. By using spoofed IGMP messages, attackers can hi-jack the premium channel, wasting bandwidth and exhausting the IGMP router's resources. To prevent the message spoofing, we can introduce the packet-level authentication methods. But, it causes the additional processing overhead to an IGMP processing router, so that the router is more susceptible to the flooding attacks. In this paper, we propose the two-level authentication scheme in order to mitigate the IGMP flooding attack.
Keywords
IPTV; flooding attacks; packet-level authentication;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. G. Gouda, E. N. Elnozahy, C.-T. Huang, and T. M. McGuire, "Hop integrity in computer net-works,” IEEE/ACM Transactions on Networking, 10(3), June 2002   DOI   ScienceOn
2 F. Zhao, Y. Shin, S.F. Wu, H. Johnson, A. Nilsson, “RBWA: An Efficient Random-bit Window-based Authentication Protocol,” GLOBECOM '03. vol.3, pp.1379-1383. 2003   DOI
3 "Introduction to IGMP for IPTV Networks," white paper, Juniper Networks, 2007
4 C. Madson and R. Glenn, “The Use of HMAC-MD5-96 Within ESP and AN,” RFC 2403, Nov 1998
5 David Ramirez, "IPTV security: Protecting High Value Digital Contents," Willey, pp.53-60, 2008
6 David Ramirez, “IPTV security: Protecting High Value Digital Contents,” WiIIey, pp.118-125, 2008
7 S. Kent and R. Atkinson, "Security architecture for the internet protocol," In RFC 2401, November 1998
8 Whitefield Diffie and Martin E. Hellman, "New directions in cryptography," IEEE Transactions on Information Theory, 22(6), 1976   DOI
9 Jae-Hyung Bae, Hong-Shik Park, Jin-Ho Hahm, “Consideration on Channel Zapping Time in IPTV Performance Monitoring,” Focus Group on IPTV, 4thFGIPTVmeeting, 2007
10 R. Barbieri, D. Bruschi, and E. Rosti, “Voice over IPsec: Analysis and solutions,” In Proceedings of 18th Annual Computer Security Applications Con-ference, 2002   DOI
11 R. L. Rivest. The RC5 encryption algorithm. LNCS (1008), 1995
12 Wang, H., Bose, A., El-Gendy, M., Shin, K.G., "IP Easy-pass: a light-weight network-edge resource access control," IEEE/ACM Transactions on Net-working, 13(6), 2005   DOI   ScienceOn
13 "Random Number Generation and Testing," http://csrc.nist.gov/rng/
14 N. Haller, C.Metz, P. Nesser, and M. Straw, "RFC 2289 - A One-Time Password System," 1998