Most successful attacks that occur today against computer networks are targeted against the computers connected to the network, but not against the routers. At the BlackHat 2005 conference it was shown that potential attacks against routers are far from hypothetical. Current TCP/IP protocols (even including IPSEC) do not have the resilience to deal with routers taken over by the adversary.
We survey the research done in the area of how to communicate reliably and/or privately in the presence of different types of adversaries, for example a malicious (Byzantine) adversary. In this research, the network is viewed as an abstract entity (a graph, directed graph, hypergraph, etc.); this allows for an abstract understanding of the problem. However, in real networks, more vulnerabilities may be added. In the case of the Internet, it is known that the use of a nameserver (DNS) introduces additional vulnerabilities and further weakens the resistance of the network against denial of service attacks. We focus on an abstract viewpoint and do not focus on details, such as when a DNS is involved. Evidently, some of the theory is broad enough to be applied in such settings as the Internet.
If the adversary can control all nodes (routers) in the network, no solution exists. The nodes that can be attacked by the adversary can be described using a threshold, or by what is called an adversary structure. The types of networks studied are point-to-point or broadcast/multicast.