Attacks Notification of Differentiated Services Code Point (DSCP) values modifications

Alarood, Ala Abdulsalam and Abubakar, Adamu and Alsubaei, Faisal S. (2023) Attacks Notification of Differentiated Services Code Point (DSCP) values modifications. IEEE Access, 11. pp. 126950-126966. E-ISSN 2169-3536

	PDF - Published Version Restricted to Repository staff only Download (1MB) \| Request a copy
	PDF - Published Version Restricted to Registered users only Download (277kB) \| Request a copy

Official URL: https://ieeexplore.ieee.org/document/10314996

Abstract

The DSCP is an integral component within the Internet Protocol (IP) header of a packet, serving the purpose of categorizing and administering network traffic, as well as facilitating the provision of Quality of Service (QoS) on IP networks. In the context of network communication, it is feasible for an adversary to transmit packets with a DSCP value of ‘‘x,’’ which represents a high priority. This action aims to prioritize the specified packet over other network traffic packets without triggering any notifications during the transmission session. It is possible to use identical DSCP values for both offensive and defensive purposes. This study therefore proposed a method for generating attack notifications in response to changes in DSCP values by using binary vectors to represent entries that detect attacks and those that do not. The method returns a list of Boolean values, each of which indicates whether or not the corresponding packet was classified as an attack. The study employed an experimental research methodology to generate transmission scenarios in which an attacker would attempt to transmit packets with a malicious DSCP value so that they would be prioritized over other traffic. A function was developed to detect deviation from normal and modification values involving DSCP value operations of normal traffic and generate alert. The finding of the experimental analysis indicates the vector, represents normal traffic because it does not have a DSCP value associated with an attack. The vectors representing spoofed, Assured Forwarding (AF), Class Selector (CS) and Expedited Forwarding (EF) respectively and generate an alert based on their values. This has contributed in detecting when an attacker tries to send packets with modified DSCP value in order to get them prioritized over the other packet on the normal traffic.

Item Type:	Article (Journal)
Uncontrolled Keywords:	Assured forwarding, class selector, differentiated services, expedited forwarding,
Subjects:	Q Science > Q Science (General) > Q300 Cybernetics > Q350 Information theory
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button):	Kulliyyah of Information and Communication Technology Kulliyyah of Information and Communication Technology Kulliyyah of Information and Communication Technology > Department of Computer Science Kulliyyah of Information and Communication Technology > Department of Computer Science
Depositing User:	Dr Adamu Abubakar
Date Deposited:	20 Nov 2023 10:33
Last Modified:	30 Jan 2024 10:29
URI:	http://irep.iium.edu.my/id/eprint/108238

Actions (login required)

View Item

Download Statistics

Downloads

Downloads per month over past year