Protecting QoS in the Ciphertext Domain

摘要

The Automated Digital Network System (ADNS) provides network services and entry into the Defense Information System Network (DISN) for U.S. Navy ships, submarines and shore facilities. ADNS is the Navy's primary tactical wide area network (WAN) and intends to provide optimal use of the bandwidth assigned by the system to Unclassified, Secret, Sensitive Compartmented Information (SCI), and Joint and Coalition networks. As the primary tactical network interface between ships and shore-based RNOSC and NCTS, ADNS INC III is employed to support Mission Critical Command and Control (C2) communications and as such, ADNS INC III must provide protection against adversarial flooding attacks aimed at consuming a significant portion of our bandwidth. We are the first to show that through statistical ciphertext (CT) flow analysis using Maximum Entropy Estimation it is possible to detect malicious flooding attacks and to further police the protected core traffic to preserve Quality of Service (QoS).