Abstract
Recently, multicast has seen only marginal wide-scale deployment. One of the main reasons is the lack of support for security and traffic management. Although there has been some recent work, these efforts have not emphasized the critical need to deploy security features side-by-side with management solutions. In this paper, we propose MAFIA, a multicast management solution with the specific aim of strengthening multicast security through multicast access control, multicast traffic filtering, and the prevention of DoS attacks. MAFIA achieves these tasks by making use of information about multicast group memberships available at different locations in a network. We have also designed various deployment solutions for MAFIA. We have implemented one such solution using the GNU/Linux operating system.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Sarac, K., Almeroth, K.: Supporting Multicast Deployment Efforts: A Survey of Tools for Multicast Monitoring. Journal of High Speed Networking–Special Issue on Management of Multimedia Networking (March 2001)
Rajvaidya, P., Ramachandran, K., Almeroth, K.: Detection and Deflection of Denial of Service Attacks against the Multicast Source Discovery Protocol. UCSB Technical Report (May 2003)
Al-Shaer, E., Tang, Y.: Toward integrating IP multicasting in internet network management protocols. Computer Communications 24(5-6), 473–485 (2001)
Wong, C.K., Gouda, M., Lam, S.: Secure group communications using key graphs. In: ACM SIGCOMM, pp. 68–79 (1998)
Chang, I., Engel, R., Kandlur, D., Pendarakis, D., Saha, D.: Key management for secure internet multicast using boolean function minimization techniques. In: IEEE Infocomm 1999, pp. 689–698 (1999)
Djahandari, K., Sterne, D.: An MBone proxy for an application gateway firewall. IEEE Symposium on Security and Privacy (1997)
Finlayson, R.: The UDP Multicast Tunneling Protocol. Internet Engineering Task Force (IETF), draft-finlayson-umtp-*.txt (September 2002)
Chouinard, D.: SOCKS V5 UDP and Multicast Extensions to facilitate multicast firewall traversal. Internet Engineering Task Force (IETF), draft-ietf-aft-mcast-fwtraversal-*.txt (November 1997)
Hardjono, T., Tsudik, G.: IP multicast security: Issues and directions. Annales de Telecom (2000)
IP Security Protocol (ipsec), http://www.ietf.org/html.charters/ipsec-charter.html
Spoofed IGMP Report Denial of Service Vulnerability, http://online.securityfocus.com/bid/5020/info
Kruegel, C., Valeur, F., Vigna, G., Kemmerer, R.: Stateful intrusion detection for high-speed networks. IEEE Symposium on Security and Privacy (May 2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ramachandran, K.N., Almeroth, K.C. (2003). MAFIA: A Multicast Management Solution for Access Control and Traffic Filtering. In: Marshall, A., Agoulmine, N. (eds) Management of Multimedia Networks and Services. MMNS 2003. Lecture Notes in Computer Science, vol 2839. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39404-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-39404-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20050-5
Online ISBN: 978-3-540-39404-4
eBook Packages: Springer Book Archive