Inferring the Deployment of Inbound Source Address Validation Using DNS Resolvers

被引：6

作者：

Korczyriski, Maciej ^{[1
]}

Nosyk, Yevheniya ^{[1
]}

Lone, Qasim ^{[2
]}

Skwarek, Marcin ^{[1
]}

Jonglez, Baptiste ^{[1
]}

Duda, Andrzej ^{[1
]}

机构：

[1] Univ Grenoble Alpes, Grenoble, France

[2] Deft Univ Technol, Delft, Netherlands

来源：

PROCEEDINGS OF THE 2020 APPLIED NETWORKING RESEARCH WORKSHOP, ANRW 2020 | 2020年

关键词：

D O I：

10.1145/3404868.3406668

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

This paper reports on the first Internet-wide active measurement study to enumerate networks not filtering incoming packets based on their source address. Our method identifies closed and open DNS resolvers handling requests from the outside of the network with the source address in the prefix of the tested network. The study gives the most complete picture of the inbound Source Address Validation deployment at network providers: 32,673 IPv4 ASes and 197,641 IPv4 BGP prefixes are vulnerable to spoofing of inbound traffic.

引用

页码：9 / 11

页数：3

共 50 条

[1] Don't Forget to Lock the Front Door! Inferring the Deployment of Source Address Validation of Inbound Traffic
Korczynski, Maciej
Nosyk, Yevheniya
Lone, Qasim
Skwarek, Marcin
Jonglez, Baptiste
Duda, Andrzej
PASSIVE AND ACTIVE MEASUREMENT, PAM 2020, 2020, 12048 : 107 - 121
[2] The Closed Resolver Project: Measuring the Deployment of Inbound Source Address Validation
Nosyk, Yevheniya
Korczynski, Maciej
Lone, Qasim
Skwarek, Marcin
Jonglez, Baptiste
Duda, Andrzej
IEEE-ACM TRANSACTIONS ON NETWORKING, 2023, 31 (06) : 2589 - 2603
[3] Inferring the Deployment of Source Address Validation Filtering using Silence of Path-Backscatter
Saurabh, Samant
Sairam, Ashok Singh
2018 TWENTY FOURTH NATIONAL CONFERENCE ON COMMUNICATIONS (NCC), 2018,
[4] Inferring the Deployment of Top Domains over Public Clouds using DNS Data
Jacquemart, Quentin
Pigout, Clement
Urvoy-Keller, Guillaume
PROCEEDINGS OF THE 3RD NETWORK TRAFFIC MEASUREMENT AND ANALYSIS CONFERENCE (TMA 2019), 2019, : 57 - 64
[5] Deployment of Source Address Validation by Network Operators: A Randomized Control Trial
Lone, Qasim
Frik, Alisa
Luckie, Matthew
Korczynski, Maciej
van Eeten, Michel
Ganan, Carlos
43RD IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2022), 2022, : 2361 - 2378
[6] Network Hygiene, Incentives, and Regulation: Deployment of Source Address Validation in the Internet
Luckie, Matthew
Beverly, Robert
Koga, Ryan
Keys, Ken
Kroll, Joshua A.
Claffy, K.
PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'19), 2019, : 465 - 480
[7] A Study of the Impact of DNS Resolvers on Performance Using a Causal Approach
Hours, Hadrien
Biersack, Ernst
Loiseau, Patrick
Finamore, Alessandro
Mellia, Marco
2015 27TH INTERNATIONAL TELETRAFFIC CONGRESS ITC 27, 2015, : 10 - 18
[8] A study of the impact of DNS resolvers on CDN performance using a causal approach
Hours, Hadrien
Biersack, Ernst
Loiseau, Patrick
Finamore, Alessandro
Mellia, Marco
COMPUTER NETWORKS, 2016, 109 : 200 - 210
[9] Fingerprinting DNS Resolvers Using Query Patterns from QNAME Minimization
Magnusson, Jonathan
SECURE IT SYSTEMS, NORDSEC 2024, 2025, 15396 : 405 - 423
[10] The Impact of Using Source Address Validation Filtering on Processing Resources
Strugaru, Ovidiu
Potorac, Alin D.
Graur, Adrian
2014 10TH INTERNATIONAL CONFERENCE ON COMMUNICATIONS (COMM), 2014,

← 1 2 3 4 5 →