ASU Logo

Partha Dasgupta


Home Up Publications Teaching Service Vita Columns



Network Hardening

The Internet is vulnerable to myriads kinds of attacks, due to:

  1. Vulnerabilities in the TCP-IP protocol
  2. No global flow control mechanisms

The above two problems lead to many TCP exploits and the dreaded DDoS attacks.

We have devised a method of incrementally upgrading the network infrastructure at the transport level that solves the above problems and makes the network significantly more resilient to attacks, particularly the DDoS attack.

The approach uses "hardened routers" -- routers that can do simple cryptographic functions (encryption, signatures) on all packets flowing int he network, as well as to participate in a hierarchical control network. We show how incremental deployment of such routers can make the Internet safer.