A Vulnerability of Dynamic Network Address Translation to Denial-of-Service Attacks

Abstract

It is well known that Network Address Translation plays not only an important role as the soltion to the IPv4 Depletion problem but also another important one as the enhancement of network security. Actually, it sometimes happens that some newly born network skills are not always compatible with other ready-constructed network ones. In this paper, we point out that the simulutaneous use of network routing and Network Address Translation may bring about an unexpected network traffic congestion. Exactly speaking. in the former half of this paper, we point out the fact that, if we apply dynamic routing together with static one simultaneously, another type of network traffic congestion, which resembles what is brought about by the routing loop, may happen spontaneously, and in the latter half of this paper, we discuss the problem asking if this network traffic congestion can be brought about not only spontaneously but also intentionally for preventing malicious cyber attackers from using this phenomenon intentionally.