Abstract
In this paper, the approach to providing a given level of information security for multipath routing of confidential messages in a network is considered. A method for providing secure routing over overlapping paths is developed and belongs to the class of proactive solutions for ensuring a given level of information security. The analysis has shown that using the proposed method within the presented calculated examples can improve the probability of compromising transmitted messages at average from 5–10% to 25–50% due to the possibility of using composite paths that are one of the subclasses of overlapping paths. A method of Secure Fast ReRouting (S-FRR) of messages in the network has been synthesized, the novelty of which lies in the fact that it focuses on the implementation of both proactive and reactive secure routing confidential messages. In this case, the proactive nature of the solutions is conditioned by the calculation of the set of primary composite paths forming the primary multipath, along which parts of the confidential message are transmitted. However, in the case of violation of the information security requirements in the network caused by the increased probability of compromising one or multiple composite paths constituent the primary multipath, the messages will be transmitted over the calculated set of the backup composite paths determining the backup multipath. Within the framework of the proposed S-FRR method, it is possible to protect both the primary multipath as a whole and one or several precomputed composite paths included in this primary multipath. The developed methods of secure routing can be used as the basis for new network protocols for routing and fast rerouting for multipath transmission of parts of a confidential message with specified requirements regarding the probability of its compromise in the network.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
ITU-T X-805. Security architecture for systems providing end-to-end communications (2003)
ISO 7498–2:1989 Information processing systems – Open Systems Interconnection – Basic Reference Model – Part 2: Security Architecture (1989)
ITU-T X-800. Security architecture for Open Systems Interconnection for CCITT applications (1991)
Stallings, W.: Cryptography and Network Security: Principles and Practice, 7th edn. Pearson, London (2016)
Schneier, B.: Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, 1st edn. WW Norton & Company, New York (2015)
Cisco Networking Academy (ed.): Routing Protocols Companion Guide, 1st edn. Cisco Press (2014)
Santos, O., Kampanakis, P., Woland, A.: Cisco Next-Generation Security Solutions: All-in-one Cisco ASA Firepower Services, NGIPS, and AMP, 1st edn. Cisco Press (2016)
Wang, M., Liu, J., Mao, J., Cheng, H., Chen, J.: NSV-GUARD: constructing secure routing paths in software defined networking. In: Proceedings of the 2016 IEEE International Conferences on Big Data and Cloud Computing (BDCloud), Social Computing and Networking (SocialCom), Sustainable Computing and Communications (SustainCom) (BDCloud-SocialCom-SustainCom), pp. 293–300 (2016)
Almerhag, I.A., Almarimi, A.A., Goweder, A.M., Elbekai, A.A.: Network security for QoS routing metrics. In: Proceedings of the 2010 International Conference on Computer and Communication Engineering (ICCCE), pp. 1–6 (2010)
Lou, W., Liu, W., Zhang, Y., Fang, Y.: SPREAD: improving network security by multipath routing in mobile ad hoc networks. Wirel. Netw. 15(3), 279–294 (2009)
Alouneh, S., Agarwal, A., En-Nouaary, A.: A novel path protection scheme for MPLS networks using multi-path routing. Comput. Netw. 53(9), 1530–1545 (2009)
Yeremenko, O.S., Ali, A.S.: Secure multipath routing algorithm with optimal balancing message fragments in MANET. Radioelectron. Inform. 1(68), 26–29 (2015)
Yeremenko, O.: Enhanced flow-based model of multipath routing with overlapping by nodes paths. In: Proceedings of the 2015 Second International Scientific-Practical Conference Problems of Infocommunications Science and Technology (PIC S&T), pp. 42–45 (2015)
Yeremenko, O., Lemeshko, O., Persikov, A.: Enhanced method of calculating the probability of message compromising using overlapping routes in communication network. In: Proceedings of the 2017 XIIth International Scientific and Technical Conference Computer Sciences and Information Technologies (CSIT), pp. 87–90 (2017)
Lemeshko, O., Romanyuk, A., Kozlova, H.: Design schemes for MPLS fast reroute. In: Proceedings of the 2013 12th International Conference on the Experience of Designing and Application of CAD Systems in Microelectronics (CADSM), pp. 202–203 (2013)
Lemeshko, O.V., Yeremenko, O.S., Tariki, N., Hailan, A.M.: Fault-tolerance improvement for core and edge of IP network. In: Proceedings of the 2016 XIth International Scientific and Technical Conference Computer Sciences and Information Technologies (CSIT), pp. 161–164 (2016)
Lemeshko, O., Yeremenko, O., Nevzorova, O.: Hierarchical method of inter-area fast rerouting. Transp. Telecommun. J. 18(2), 155–167 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Yeremenko, O., Lemeshko, O., Persikov, A. (2018). Secure Routing in Reliable Networks: Proactive and Reactive Approach. In: Shakhovska, N., Stepashko, V. (eds) Advances in Intelligent Systems and Computing II. CSIT 2017. Advances in Intelligent Systems and Computing, vol 689. Springer, Cham. https://doi.org/10.1007/978-3-319-70581-1_44
Download citation
DOI: https://doi.org/10.1007/978-3-319-70581-1_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-70580-4
Online ISBN: 978-3-319-70581-1
eBook Packages: EngineeringEngineering (R0)