Techniques for the Detection of Faulty Packet Header Modifications

Abstract

Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. Compounding the problem are transparent in-path appliances and middleboxes that can be difficult to manage and are sometimes left out of date or misconfigured. As a result, packet headers can be modified in unexpected ways, negatively impacting end-to-end performance. We discuss the impact of such packet header modifications, present an array of techniques for their detection, and define strategies to add tamper-evident protection to our detection techniques. We select a solution for implementation into the Linux TCP stack and use it to examine real-world Internet paths. We discover various instances of in-path modifications and extract lessons learned from them to help drive future design efforts.

Document Details

Document Type
Technical Report
Publication Date
Mar 12, 2014
Accession Number
ADA601669

Entities

People

  • Mark Allman
  • Robert Beverly
  • Ryan Craven

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • C4I
  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • California
  • Coding
  • Communication Channels
  • Computer Networks
  • Computer Science
  • Cryptography
  • Detection
  • Information Operations
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Network Protocols
  • Operating Systems
  • Routing Protocols
  • Security Protocols
  • Software Defined Networks
  • Transport Protocols
  • United States

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity
  • Systems Analysis and Design