Projects per year
Abstract
This paper concerns the problem of the absence of ingress filtering at the network edge, one of the main causes of important network security issues. Numerous network operators do not deploy the best current practice—Source Address Validation (SAV) that aims at mitigating these issues. We perform the first Internet-wide active measurement study to enumerate networks not filtering incoming packets by their source address. The measurement method consists of identifying closed and open DNS resolvers handling requests coming from the outside of the network with the source address from the range assigned inside the network under the test. The proposed method provides the most complete picture of the inbound SAV deployment state at network providers. We reveal that 32 673 Autonomous Systems (ASes) and 197 641 Border Gateway Protocol (BGP) prefixes are vulnerable to spoofing of inbound traffic. Finally, using the data from the Spoofer project and performing an open resolver scan, we compare the filtering policies in both directions.
Original language | English |
---|---|
Title of host publication | Passive and Active Measurement - 21st International Conference, PAM 2020, Proceedings |
Editors | Anna Sperotto, Alberto Dainotti, Burkhard Stiller |
Publisher | SpringerOpen |
Pages | 107-121 |
Number of pages | 15 |
ISBN (Print) | 9783030440800 |
DOIs | |
Publication status | Published - 2020 |
Event | 21st International Conference on Passive and Active Measurement, PAM 2020 - Eugene, United States Duration: 30 Mar 2020 → 31 Mar 2020 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 12048 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 21st International Conference on Passive and Active Measurement, PAM 2020 |
---|---|
Country/Territory | United States |
City | Eugene |
Period | 30/03/20 → 31/03/20 |
Keywords
- DNS resolvers
- IP spoofing
- Source Address Validation
Fingerprint
Dive into the research topics of 'Don’t Forget to Lock the Front Door! Inferring the Deployment of Source Address Validation of Inbound Traffic'. Together they form a unique fingerprint.Projects
- 1 Active
-
Cybersecurity (TPM)
van Eeten, M. J. G., Hernandez Ganan, C., Gürses, F. S., van Wegberg, R. S., Parkin, S. E., Zhauniarovich, Y., van Engelenburg, S. H., Kadenko, N. I., Labunets, K., Akyazi, U., Bouwman, X. B., Jansen, B. A., Kaur, M., Al Alsadi, A., Lone, Q. B., Turcios Rodriguez, E. R., Vermeer, M., van Harten, V. T. C., Vetrivel, S., Oomens, E. (. C. )., Kustosch, L. F., Bisogni, F., Ciere, M., Fiebig, T., Korczynski, M. T., Moreira Moura, G. C., Noroozian, A., Pieters, W., Tajalizadehkhoob, S., Dacier, B. H. A., San José Sanchez, J., Çetin, F. O. & Zannettou, S.
1/01/10 → …
Project: Research