Techniques for the Detection of Faulty Packet Header Modifications
Title | Techniques for the Detection of Faulty Packet Header Modifications |
Publication Type | Technical Report |
Year of Publication | 2014 |
Authors | Craven, R., Beverly R., & Allman M. |
Other Numbers | 3672 |
Abstract | Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. Compounding the problem are transparent in-path appliances and middleboxes that can be difficult to manage and sometimes left out-of-date or misconfigured. As a result, packet headers can be modified in unexpected ways, negatively impacting end-to-end performance. We discuss the impact of such packet header modifications, present an array of techniques for their detection, and define strategies to add tamper-evident protection to our detection techniques. We select a solution for implementation into the Linux TCP stack and use it to examine real-world Internet paths. We discover various instances of in-path modifications and extract lessons learned from them to help drive future design efforts. |
Acknowledgment | This work was partially supported by funding provided through National Science Foundation grant NeTS : 1213155 (User-Centric Network Measurement). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the National Science Foundation. |
Bibliographic Notes | Naval Postgraduate School Technical Report NPS-CS-14-002 |
Abbreviated Authors | R. Craven, R. Beverly, and M. Allman |
ICSI Research Group | Networking and Security |
ICSI Publication Type | Technical Report |