Abstract
The IP protocol is the preferred data communication mechanism used nowadays. Data encapsulated using IP can be compromised if it is sent in clear text or without integrity protection. Even when known protocols are used to protect the confidentiality, integrity and authenticity of this data, the EtherType field of the Ethernet frames and the header of the IP packets in a wired Ethernet network still remain exposed, opening possibilities for an attacker to gain knowledge of the network, cause a denial of service attack or steal information.
In this thesis, we propose a new protocol that protects the confidentiality, integrity and authenticity of the IP communication in a wired Ethernet network. This new protocol operates at layer 2 of the OSI model, and for each Ethernet frame, it encapsulates the EtherType field and the entire IP packet into a new PDU structure that is partially encrypted. Integrity and authenticity are assured by an HMAC value or a digital signature calculated over the entire frame. We ran several tests to analyze the security characteristics and performance impact of our proposed solution; the results of these tests demonstrate that all traffic is effectively protected and that an attacker or eavesdropper wouldn't know the type of protocols, IP addresses or any other data travelling across the network. It is also demonstrated that under certain conditions, performance is not highly impacted and it is feasible to protect the network communication with our new protocol.
Library of Congress Subject Headings
Ethernet (Local area network systems)--Security measures; Data transmission systems--Security measures
Publication Date
8-2014
Document Type
Thesis
Student Type
Graduate
Degree Name
Networking and System Administration (MS)
Department, Program, or Center
Information Sciences and Technologies (GCCIS)
Advisor
Tae Oh
Advisor/Committee Member
Sharon Mason
Advisor/Committee Member
Bruce Hartpence
Recommended Citation
Campillo Terrero, Reiner Augusto, "A Layer 2 Protocol to Protect the IP Communication in a Wired Ethernet Network" (2014). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/8364
Campus
RIT – Main Campus
Plan Codes
NETSYS-MS
Comments
Physical copy available from RIT's Wallace Library at TK5105.8.E83 C36 2014