An Algorithm for Detection and Mitigation of Degradation Attack in Ethernet Passive Optical Networks

To my mother Rose " I'm great believer in luck, and I find the harder I work the more I have of it. " Chapter 6. Analysis of simulation results 44 6.1 TCP transmission client-to-server 44 6.2 TCP transmission server-to-client 49 6.3 Interaction of retransmission time-out mechanism 53 and mitigation algorithm Chapter 7. Conclusion 57 Bibliography 58 Acknowledges 59 III IV Abstract The work presented in this thesis is based on adding new techniques to enhance current security in Ethernet Optical Passive Networks (EPONs). An Ethernet PON is type of Passive Optical Network (PON) which carries all data encapsulated in Ethernet frames. In this way EPON combines Passive Optical Networks (PONs) capable of delivering bandwidth-intensive integrated, data, voice, and video services at distances beyond 20 km with Ethernet protocol. Main advantage of Ethernet protocol is that it is an inexpensive technology that is ubiquitous and interoperable with variety of legacy equipment. Due to exponential growth of internet traffic in the last decades and high number of new services and applications which require large bandwidth existing technologies based on cooper (e.g. Digital Subscriber Line(DSL)) could not keep any more with such demands. EPON has emerged to be good candidate for offering higher capacity to the subscribers under relatively low costs. As in every telecommunication network that is serving high number of users transferring data at the high bit rate, security in EPON is one of very important issues. While security in downstream transmission channel in EPON was focus of many researches due to its broadcast nature, upstream direction was always assumed to be secure. In upstream direction, due to directional properties of passive couplers, which act as passive splitters for downstream, Ethernet frames from many ONU will only reach the OLT and not any other ONU. In this scenario attacks like eavesdropping and all other attacks that are based on exploiting broadcast nature of transmission channel are eliminated. But this does not means that upstream streams cannot be destroyed or that quality of upstream transmission cannot be degraded in some way. In upstream direction, the logical behavior of an EPON is similar to point-to-point networks, but unlike in a true point-to-point network, collisions may occur among frames transmitted from different ONUs. In general EPON should avoid collisions by means of Multi-Point Control Protocol (MPCP) in the Medium Access Control (MAC) layer. But eventual collisions in upstream direction can not be totally …