Securing the Private Realm Gateway

Hammad Kabir, Jesús Llorente Santos, Raimo Kantola

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    5 Citations (Scopus)

    Abstract

    The traditional mechanisms to traverse Network Address Translators (NAT) do not scale well to battery powered mobile-hosts: the majority of Internet users today. Private Realm Gateway (PRGW) aims to replace NATs at network edges and overcome the drawbacks of the NAT traversal mechanisms. The solution does not require changes in end-hosts or protocols, and hosts in the private realm can remain globally reachable without polling. PRGW handles incoming connections based on domain resolution of the served hosts. Incoming DNS queries create connection state in PRGW for subsequent packet forwarding. The connection state provides means for access control on the Internet-originated flows. This paper analyses the security of PRGW and introduces mechanisms that protect the served hosts and networks against Internet-borne attacks, in particular: address spoofing and Distributed Denial of Service (DDoS). The paper contributes to establish PRGW as an incrementally deployable network function that offers light-weight NAT traversal and protects the private realm against the inherent Internet threats.

    Original languageEnglish
    Title of host publication2016 IFIP Networking Conference (IFIP Networking) and Workshops, IFIP Networking 2016
    PublisherIEEE
    Pages243-251
    Number of pages9
    ISBN (Electronic)9783901882838
    DOIs
    Publication statusPublished - 21 Jun 2016
    MoE publication typeA4 Conference publication
    EventIFIP Networking - Vienna, Austria
    Duration: 17 May 201619 May 2016

    Conference

    ConferenceIFIP Networking
    Abbreviated titleNETWORKING
    Country/TerritoryAustria
    CityVienna
    Period17/05/201619/05/2016

    Keywords

    • DDoS
    • Denial of Service
    • DNS
    • Gateway
    • Internet threats
    • NAT
    • NAT Traversal
    • Network
    • PRGW
    • Security

    Fingerprint

    Dive into the research topics of 'Securing the Private Realm Gateway'. Together they form a unique fingerprint.

    Cite this