Abstract
Multipath TCP (MPTCP) is an experimental TCP extension designed to add functionality to TCP while remaining backwards-compatible with most networks and devices. MPTCP changes TCP's behavior from how it's commonly understood in ways that go beyond the security of MPTCP itself, with ancillary implications challenging how network security is practiced and implemented. Here, the authors investigate the implications for network security, both in the transitional state, where MPTCP is partially supported, and in a future where every device supports MPTCP. They find that while MPTCP isn't widely supported, increasing support will stimulate changes to common network security rationales and paradigms. In particular, when a connection's identifiers become abstracted from network addresses, or when traffic is fragmented across paths, many current security approaches aren't prepared to recognize this kind of traffic, let alone act appropriately.
| Original language | English |
|---|---|
| Article number | 7155423 |
| Pages (from-to) | 58-65 |
| Number of pages | 8 |
| Journal | IEEE Internet Computing |
| Volume | 19 |
| Issue number | 5 |
| DOIs | |
| State | Published - Sep 1 2015 |
Bibliographical note
Publisher Copyright: © 1997-2012 IEEE.
Keywords
- Internet/Web technologies
- MPTCP
- Multipath-TCP
- TCP/IP
- content inspection
- firewalls
- intrusion-detection systems
- multipath networking
- network security
- security
ASJC Scopus subject areas
- Computer Networks and Communications