MACHETE: Multi-path Communication for Cloud Security

Title: MACHETE: Multi-path Communication for Cloud Security
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Raposo D, Pardal M, Rodrigues L, Correia M
Conference Name: The 15th IEEE International Symposium on Network Computing and Applications (NCA 2016)
Date Published: 31 October-2 Nov
Publisher: IEEE Computer Society
Conference Location: Cambridge, MA USA

Communication through the Internet raises privacy and confidentiality concerns. Protocols such as HTTPS may be used to protect the communication, but occasionally vulnerabilities are discovered that may allow snooping on packet content. To address this issue, we present MACHETE, an application-layer multi-path communication mechanism that provides additional confidentiality by splitting data streams across different physical paths. MACHETE has to handle two challenges: sending packets over different paths when the Internet's routing imposes a single path between pairs of network interfaces, and splitting streams of data sent over TCP connections. MACHETE is the first to exploit MultiPath TCP (MPTCP) for security purposes. It leverages overlay networks and multihoming to handle the first challenge and MPTCP to handle the second. MACHETE establishes an overlay network and scatters the data over the available paths, thus reducing the effectiveness of snooping attacks. Mechanisms are provided to select paths based on path diversity.