Litcius/Paper detail

SMap: Internet-wide Scanning for Spoofing

Tianxiang Dai, Haya Shulman

2021Annual Computer Security Applications Conference19 citationsDOI

Abstract

To protect themselves from attacks, networks need to enforce ingress filtering, i.e., block inbound packets sent from spoofed IP addresses. Although this is a widely known best practice, it is still not clear how many networks do not block spoofed packets. Inferring the extent of spoofability at Internet scale is challenging and despite multiple efforts the existing studies currently cover only a limited set of the Internet networks: they can either measure networks that operate servers with faulty network-stack implementations, or require installation of the measurement software on volunteer networks, or assume specific properties, like traceroute loops. Improving coverage of the spoofing measurements is critical.

Topics & Concepts

Spoofing attackComputer scienceComputer networkNetwork packetIP address spoofingThe InternetServertracerouteComputer securityBlock (permutation group theory)Network address translationInternet ProtocolOperating systemGeometryMathematicsNetwork Security and Intrusion DetectionInternet Traffic Analysis and Secure E-votingNetwork Packet Processing and Optimization