[Figure 3 diagram, lower part: NSIS Node A (IPi) sends Discovery Request (1) toward NSIS Node B (IPr); message step (2) is also marked.]
Figure 3: MITM Attack during the Discovery Exchange
This attack assumes that the adversary is able to eavesdrop on the initial discovery message sent by the initiator. Furthermore, we assume that the adversary's discovery reply message reaches the discovery message initiator faster than the real response. This has the characteristics of a race condition if the next NSIS node is very close (in IP-hop terms) to the initiator. Note that the problem is self-healing since the discovery process is periodically repeated. If an adversary is unable to mount this attack with every discovery message, then the correct next NSIS node along the path will be discovered again. Ping-pong behavior might be the consequence.
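A monitoring sketch for the race and ping-pong behavior described above, added here as an example and not part of the original document. It assumes the initiator logs every discovery reply as a (round, flow, responder address) tuple and accepts the first reply of each round; the event format, the names `SAMPLE_REPLIES` and `analyze`, and the flip threshold are hypothetical.

```python
from collections import defaultdict

# Constructed sample log, in arrival order at the initiator:
# (discovery round, flow id, responder IP claimed in the reply).
# Addresses come from documentation ranges.
SAMPLE_REPLIES = [
    (1, "flow-1", "192.0.2.10"),
    (2, "flow-1", "198.51.100.66"),  # arrives first in round 2
    (2, "flow-1", "192.0.2.10"),     # slower reply to the same request
    (3, "flow-1", "192.0.2.10"),
    (4, "flow-1", "198.51.100.66"),
    (4, "flow-1", "192.0.2.10"),
    (1, "flow-2", "192.0.2.20"),
    (2, "flow-2", "192.0.2.20"),
]


def analyze(replies, flip_threshold=2):
    """Return (conflicts, ping_pong).

    conflicts: {(flow, round): [responders]} where one discovery request
               drew replies from more than one address.
    ping_pong: {flow: flips} for flows whose accepted next hop changed
               at least flip_threshold times across rounds.
    """
    per_round = defaultdict(list)
    for rnd, flow, responder in replies:
        if responder not in per_round[(flow, rnd)]:
            per_round[(flow, rnd)].append(responder)

    conflicts = {k: v for k, v in per_round.items() if len(v) > 1}

    # Assumption: the initiator accepts the first reply of each round.
    accepted = defaultdict(list)
    for flow, rnd in sorted(per_round):
        accepted[flow].append(per_round[(flow, rnd)][0])

    ping_pong = {}
    for flow, hops in accepted.items():
        flips = sum(1 for a, b in zip(hops, hops[1:]) if a != b)
        if flips >= flip_threshold:
            ping_pong[flow] = flips
    return conflicts, ping_pong


if __name__ == "__main__":
    conflicts, ping_pong = analyze(SAMPLE_REPLIES)
    for (flow, rnd), who in sorted(conflicts.items()):
        print(f"{flow} round {rnd}: conflicting replies from {who}")
    for flow, flips in ping_pong.items():
        print(f"{flow}: accepted next hop changed {flips} times")
```

A round with replies from two different addresses, or a next hop that keeps alternating between rounds, is worth an alert even though neither signal says which responder is the legitimate one.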
As shown in message step (2) in Figure 3, the adversary returns a discovery reply message with its own IP address as the next NSIS-aware node along the path. Without any additional information, the discovery message initiator has to trust this information. Then a messaging association is established with an entity at a given IP