Guaranteeing Confidentiality in Multi-domain Networks: the PCE Anomaly Detector (PAD)
Martini B;
2013-01-01
Abstract
Traffic Engineering (TE) is currently required in multi-domain multi-provider networks to effectively exploit network resources. The Path Computation Element (PCE) architecture has been recently proposed for actually enabling TE in the aforementioned scenario. However, it might be exposed to several confidentiality leaks among network providers. Numerous research works in the context of multi-domain networks recently focused on authentication, authorization, and encryption mechanisms to mitigate the PCE architecture confidentiality leaks. With respect to such works, this paper tackles confidentiality issues from a different perspective, i.e., the detection of malicious utilization of path computation services aiming at inferring salient intra-domain information of other providers. This paper proposes the PCE Anomaly Detector (PAD) for detecting malicious PCE using a statistical anomaly-based approach. The novel statistical model used by the PAD is accurately described and PAD building blocks are presented. Simulation results show the effectiveness of the proposed approach that achieves an effective trade-off between the false alarms probability and the detection delay.