a reproducibility study of ip spoofing detection in inter
play

A Reproducibility Study of IP Spoofing Detection in Inter-Domain - PowerPoint PPT Presentation

Apr 05, 2024 •231 likes •326 views

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann, Raphael Hiesgen, Thomas C. Schmidt, Matthias Whlisch t.schmidt@haw-hamburg.de Spoofing Detection in Interdomain Traffic Starting Point: Our

  1. A Reproducibility Study of “IP Spoofing Detection in Inter-Domain Traffic” Jasper Eumann, Raphael Hiesgen, Thomas C. Schmidt, Matthias Wählisch t.schmidt@haw-hamburg.de

  2. Spoofing Detection in Interdomain Traffic Starting Point: Our objective: • Lichtblau, Streibelt, Krüger, Richter, Feldmann: • Build a software infrastructure that can Detection, Classification, and Analysis of Inter- scrub spoofed traffic at IXPs in real-time Domain Traffic with Spoofed Source IP • First: Reproduce results with a different Addresses, IMC 2017 team, different setup, data and times Claim: • Method to passively detect spoofed Our approach: packets in traffic exchanged between networks in the inter-domain Internet • Iterate methods and (provided) scripts at that minimizes false positives a large regional IXP Application domain: IXP • Extend the analysis with additional BGP data sets and dig into classified traffic • Measurements and Analyses preformed at a large European IXP

  3. The IMC‘17 Approach Idea: If a valid packet leaves an AS, it must originate from the routable cone of the emitting AS, i.e., belongs to a prefix reachable through it Three approaches to identify these cones: • Naïve: A prefix P is in the cone of AS A, iff A appears on a BGP path for P • CAIDA customer cone: All prefixes of customer ASes • Full cone: Extends the naïve cone by assuming transitive relations between all neighboring ASes for all prefixes

  4. Classification Traffic types • Regular • Bogon: Private or multicast source addresses • Unrouted: Source addresses from unannounced IP space • Invalid: Classified as spoofed

  5. Time Series for Classified Traffic

  6. Packet Properties IMC’17 sees 90 % of invalid UDP traffic to port 123 (NTP)

  7. Looking Deeper in our Invalid Traffic

  8. Summary • Results of IMC’17 could not be reproduced • Particular discrepancies for Full Cone approach • Traffic classified as invalid appears mainly unspoofed • Majority of traffic seems HTTP(s) or Quick – not NTP or DNS • False positive indicators dominate • Our impression: determination of cones not accurate enough • BGP visibility too low • Authors of IMC’17 manually added peerings after traffic inspection • Approach seems unsuitable for operational deployment

Recommend

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann October 9, 2019 iNET RG, Hamburg University of Applied Sciences Overview IP Spoofing Mitigation in General Detection in Inter-Domain Traffic

778 views • 42 slides
Gen Gener eral In Inter eres ests: Secure Proximity / Distance Measurement GPS Spoofing and

Gen Gener eral In Inter eres ests: Secure Proximity / Distance Measurement GPS Spoofing and

Gen Gener eral In Inter eres ests: Secure Proximity / Distance Measurement GPS Spoofing and Spoofing Detec:on Usable Authen:ca:on (2FA) Security of Blockchains / Cryptocurrencies Trusted Compu:ng Secure Proximi mity / Distance Measureme

589 views • 30 slides
Recent trends in Interference Mitigation and Spoofing Detection ! Fabio Dovis ! Electronics Dept.,

Recent trends in Interference Mitigation and Spoofing Detection ! Fabio Dovis ! Electronics Dept.,

Recent trends in Interference Mitigation and Spoofing Detection ! Fabio Dovis ! Electronics Dept., Politecnico di Torino, Italy ! !"#$%&''()*++,(-./0121,(3*4*54)*++( Outline ! GNSS vulnerabilities ! Classification of interfering

970 views • 50 slides
Discussion: Reproducibility and Cross-study Replicability of Prognostic Signatures from High

Discussion: Reproducibility and Cross-study Replicability of Prognostic Signatures from High

Discussion: Reproducibility and Cross-study Replicability of Prognostic Signatures from High Throughput Genomic Data Lee Dicker Rutgers University May 2, 2014 Rutgers Statistics Symposium Discussion: Reproducibility and Cross-study

371 views • 12 slides
IP Spoofing Detection Through Time to Live Header Analysis Final Talk BSc Informatics Arno Hilke

IP Spoofing Detection Through Time to Live Header Analysis Final Talk BSc Informatics Arno Hilke

Chair for Network Architectures and Services Technische Universitt Mnchen IP Spoofing Detection Through Time to Live Header Analysis Final Talk BSc Informatics Arno Hilke Supervisor : Prof. Dr.-Ing. Georg Carle Advisors : Quirin Scheitle,

663 views • 16 slides
disclaimer: half-baked ideas IP spoofing is a well-known problem a key component of such

disclaimer: half-baked ideas IP spoofing is a well-known problem a key component of such

disclaimer: half-baked ideas IP spoofing is a well-known problem a key component of such DDoS attacks addressing spoofing attempts to eliminate spoofing, not adopted IETF BCPs 38-84, ISOC MANRS scrubbing centers (eg Akamai,

700 views • 19 slides
Haltermann Test & Reference Fuels Proposed CARB-III Repeatability and Reproducibility Study

Haltermann Test & Reference Fuels Proposed CARB-III Repeatability and Reproducibility Study

Haltermann Test & Reference Fuels Proposed CARB-III Repeatability and Reproducibility Study Study Basis Fuel samples produced in lab under controlled conditions Manufacturing scale would present additional challenges 16

387 views • 3 slides
Inter-Arrival Curves for Multi-Mode and Online Anomaly Detection Mahmoud Salem, Mark Crowley,

Inter-Arrival Curves for Multi-Mode and Online Anomaly Detection Mahmoud Salem, Mark Crowley,

Work-in-Progress Session Inter-Arrival Curves for Multi-Mode and Online Anomaly Detection Mahmoud Salem, Mark Crowley, and Sebastian Fischmeister 2 Inter-arrival Curves for Anomaly Detection [1] Inter-arrival curves make good features for

514 views • 8 slides
Reproducibility and Cross-study Replicability of Prognostic Signatures from High Throughput

Reproducibility and Cross-study Replicability of Prognostic Signatures from High Throughput

Reproducibility and Cross-study Replicability of Prognostic Signatures from High Throughput Genomic Data giovanni parmigiani@dfci.harvard.edu 2014 Rutgers Statistics Symposium signatures and prognosis Sorlie PNAS 03 CuratedOvarianData

275 views • 24 slides
TRAINING INTER STATE STUDY TOUR TO NDRI KARNAL TRAINING INTER STATE STUDY TOUR TO

TRAINING INTER STATE STUDY TOUR TO NDRI KARNAL TRAINING INTER STATE STUDY TOUR TO

TRAINING INTER STATE STUDY TOUR TO NDRI KARNAL TRAINING INTER STATE STUDY TOUR TO JALGAON STUDY TOUR TO JAIPUR TRAINING WITHIN STATE TRANING AT KVK BAJAURA TRAINING WITHIN DISTRICT TRAINING AT TRAINING AT RICE AND WHEAT RESERCH

478 views • 24 slides
New NIH requirements regarding Rigor and Reproducibility

New NIH requirements regarding Rigor and Reproducibility

New NIH requirements regarding Rigor and Reproducibility http://grants.nih.gov/reproducibility/faqs.htm 1. The scientific premise of the proposed research 2. Rigorous experimental design for robust and unbiased results 3. Consideration of

333 views • 10 slides
The structure of European development Community detection in inter-industry and external

The structure of European development Community detection in inter-industry and external

Introduction Methodology Community Detection Labour and Subsystems From IO to Countries From Trade to Commodities The structure of European development Community detection in inter-industry and external trade networks Nadia Garbellini

839 views • 65 slides
Computational Reproducibility in Production Physics Applications Numerical Reproducibility at

Computational Reproducibility in Production Physics Applications Numerical Reproducibility at

Slide 1 Computational Reproducibility in Production Physics Applications Numerical Reproducibility at Exascale Workshop Supercomputing 2015 November 20, 2015 Robert W. Robey Los Alamos National Laboratory LA-UR-15-28798 UNCLASSIFIED

115 views • 10 slides
Open data provenance and reproducibility: a case study from publishing CMS open data Tibor

Open data provenance and reproducibility: a case study from publishing CMS open data Tibor

Open data provenance and reproducibility: a case study from publishing CMS open data Tibor Simko 1 Heitor Pascoal de Bittencourt 2 Edgar Carrera 2 Clemens Lange 2 Kati Lassila-Perini 2 Lara Lloret 2 Tom McCauley 2 Jan Okraska 1 Daniel

391 views • 15 slides
Study on Winter Road Surface Friction Characteristics and Their Reproducibility Roberto TOKUNAGA 1

Study on Winter Road Surface Friction Characteristics and Their Reproducibility Roberto TOKUNAGA 1

2016 International Conference & Workshop on Winter Maintenance and Surface Transportation Weather Study on Winter Road Surface Friction Characteristics and Their Reproducibility Roberto TOKUNAGA 1 , Akihiro FUJIMOTO 1 , Kenji SATO 1 , Naoto

189 views • 14 slides
Compressing Inverted Indexes with Recursive Graph Bisection: A Reproducibility Study Joel

Compressing Inverted Indexes with Recursive Graph Bisection: A Reproducibility Study Joel

Compressing Inverted Indexes with Recursive Graph Bisection: A Reproducibility Study Joel Mackenzie 1 Antonio Mallia 2 Mathias Petri 3 J. Shane Culpepper 1 Torsten Suel 2 1 RMIT University, Melbourne, Australia 2 New York University, New York, USA

1.07k views • 61 slides
Reproducibility & Generalizability @ Twitter Strengthening Reproducibility in Network Science

Reproducibility & Generalizability @ Twitter Strengthening Reproducibility in Network Science

Reproducibility & Generalizability @ Twitter Strengthening Reproducibility in Network Science workshop NetSci 2017 Brandon Roy @bcroygbiv June 19, 2017 What is Twitter? Twitter is a real-time information network its whats

651 views • 26 slides
R and Reproducibility A Proposal David Smith Revolu0on

R and Reproducibility A Proposal David Smith Revolu0on

R and Reproducibility A Proposal David Smith Revolu0on Analy0cs DSC 2014 Why care about reproducibility? Academic / Clinical Research Verify results

175 views • 16 slides
B: Data Reproducibility What are we doing in Singapore, Tim White and what should journals be

B: Data Reproducibility What are we doing in Singapore, Tim White and what should journals be

B: Data Reproducibility What are we doing in Singapore, Tim White and what should journals be doing? Associate Vice President Infrastructure & Programs Monday 22 October 2018 2 of 3 Data Reproducibility & Management From Policy to

257 views • 3 slides
Everware - lowering reproducibility barriers Andrey Ustyuzhanin Yandex School of Data Analysis

Everware - lowering reproducibility barriers Andrey Ustyuzhanin Yandex School of Data Analysis

Everware - lowering reproducibility barriers Andrey Ustyuzhanin Yandex School of Data Analysis and Higher School of Economics, Moscow, Russia Scientific Reproducibility Nature: 1,500 scientists lift the lid on reproducibility by Monya Baker

604 views • 13 slides
Perfect Reproducibility Is What Control . . . Not Always Algorithmically Control Strategy

Perfect Reproducibility Is What Control . . . Not Always Algorithmically Control Strategy

Users Often Want . . . At Least the Users . . . Description of the . . . Simple Case Study . . . Perfect Reproducibility Is What Control . . . Not Always Algorithmically Control Strategy (cont-d) Comment Possible: A Pedagogical Can We

414 views • 16 slides
Rigor, Reproducibility, and Transparency David T. Redden, PhD Co-Director, CCTS BERD Chair,

Rigor, Reproducibility, and Transparency David T. Redden, PhD Co-Director, CCTS BERD Chair,

Rigor, Reproducibility, and Transparency David T. Redden, PhD Co-Director, CCTS BERD Chair, Department of Biostatistics December 16, 2015 NIH plans to Enhance Reproducibility Policy: NIH plans to enhance reproducibility Francis Collins

335 views • 19 slides
Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros,

Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros,

Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros, Wei Koong Chai and George Pavlou University College London, UK Outline Inter-domain name resolution in ICN Scalability concerns Bloom

694 views • 33 slides
Computational Reproducibility Daniel S. Katz Jennifer Freeman Smith Computational

Computational Reproducibility Daniel S. Katz Jennifer Freeman Smith Computational

Computational Reproducibility Daniel S. Katz Jennifer Freeman Smith Computational Reproducibility Depending on your field also known as: narrow replicability, pure replicability, analytical replicability, reproducibility If I took

377 views • 18 slides

More recommend