Stealth Probing: Securing IP Routing through Data-Plane Security
Securing IP routing is a task that is central in diminishing the Internet's liability to misconfigurations and malicious attacks. In this paper, we argue that securing the data plane is necessary in providing comprehensive routing defense and we propose the stealth probing monitoring tool that securely detects data plane inconsistencies that may be the outcome of either control plane or data plane attacks. Stealth probing correctly detects the fate of data traffic in a non-intrusive, coarse-grained, end-to-end fashion. Stealth probing achieves this by creating an encrypted tunnel between two end-routers and diverting both the data and probing traffic into the tunnel so that probes are indistinguishable from data packets and, therefore, cannot receive preferential treatment by an adversary. We also propose the use of a Byzantine tomography tool that complements stealth probing in achieving fine detection granularity by combining stealth probing output from multiple vantage poin ts. We demonstrate the wide application span of stealth probing and Byzantine tomography by illustrative deployment scenarios in intradomain and interdomain routing.