130 research outputs found
Distributed reflection denial of service attack: A critical review
As the world becomes increasingly connected and the number of users grows exponentially and “things” go online, the prospect of cyberspace becoming a significant target for cybercriminals is a reality. Any host or device that is exposed on the internet is a prime target for cyberattacks. A denial-of-service (DoS) attack is accountable for the majority of these cyberattacks. Although various solutions have been proposed by researchers to mitigate this issue, cybercriminals always adapt their attack approach to circumvent countermeasures. One of the modified DoS attacks is known as distributed reflection denial-of-service attack (DRDoS). This type of attack is considered to be a more severe variant of the DoS attack and can be conducted in transmission control protocol (TCP) and user datagram protocol (UDP). However, this attack is not effective in the TCP protocol due to the three-way handshake approach that prevents this type of attack from passing through the network layer to the upper layers in the network stack. On the other hand, UDP is a connectionless protocol, so most of these DRDoS attacks pass through UDP. This study aims to examine and identify the differences between TCP-based and UDP-based DRDoS attacks
The Road Ahead for Networking: A Survey on ICN-IP Coexistence Solutions
In recent years, the current Internet has experienced an unexpected paradigm
shift in the usage model, which has pushed researchers towards the design of
the Information-Centric Networking (ICN) paradigm as a possible replacement of
the existing architecture. Even though both Academia and Industry have
investigated the feasibility and effectiveness of ICN, achieving the complete
replacement of the Internet Protocol (IP) is a challenging task.
Some research groups have already addressed the coexistence by designing
their own architectures, but none of those is the final solution to move
towards the future Internet considering the unaltered state of the networking.
To design such architecture, the research community needs now a comprehensive
overview of the existing solutions that have so far addressed the coexistence.
The purpose of this paper is to reach this goal by providing the first
comprehensive survey and classification of the coexistence architectures
according to their features (i.e., deployment approach, deployment scenarios,
addressed coexistence requirements and architecture or technology used) and
evaluation parameters (i.e., challenges emerging during the deployment and the
runtime behaviour of an architecture). We believe that this paper will finally
fill the gap required for moving towards the design of the final coexistence
architecture.Comment: 23 pages, 16 figures, 3 table
Addressless: A New Internet Server Model to Prevent Network Scanning
Eliminating unnecessary exposure is a principle of server security. The huge
IPv6 address space enhances security by making scanning infeasible, however,
with recent advances of IPv6 scanning technologies, network scanning is again
threatening server security. In this paper, we propose a new model named
addressless server, which separates the server into an entrance module and a
main service module, and assigns an IPv6 prefix instead of an IPv6 address to
the main service module. The entrance module generates a legitimate IPv6
address under this prefix by encrypting the client address, so that the client
can access the main server on a destination address that is different in each
connection. In this way, the model provides isolation to the main server,
prevents network scanning, and minimizes exposure. Moreover it provides a novel
framework that supports flexible load balancing, high-availability, and other
desirable features. The model is simple and does not require any modification
to the client or the network. We implement a prototype and experiments show
that our model can prevent the main server from being scanned at a slight
performance cost
Migrating the Internet to IPv6: An Exploration of the When and Why
The paper documents and to some extent elucidates the progress of IPv6 across major Internet stakeholders since its introduction in the mid 90’s. IPv6 offered an early solution to a well-understood and well-documented problem IPv4 was expected to encounter. In spite of early standardization and awareness of the issue, the Internet’s march to IPv6 has been anything but smooth, even if recent data point to an improvement. The paper documents this progression for several key Internet stakeholders using available measurement data, and identifies changes in the IPv6 ecosystem that may be in part responsible for how it has unfolded. The paper also develops a stylized model of IPv6 adoption across those stakeholders, and validates its qualitative predictive ability by comparing it to measurement data
Assessing the Privacy Benefits of Domain Name Encryption
As Internet users have become more savvy about the potential for their
Internet communication to be observed, the use of network traffic encryption
technologies (e.g., HTTPS/TLS) is on the rise. However, even when encryption is
enabled, users leak information about the domains they visit via DNS queries
and via the Server Name Indication (SNI) extension of TLS. Two recent proposals
to ameliorate this issue are DNS over HTTPS/TLS (DoH/DoT) and Encrypted SNI
(ESNI). In this paper we aim to assess the privacy benefits of these proposals
by considering the relationship between hostnames and IP addresses, the latter
of which are still exposed. We perform DNS queries from nine vantage points
around the globe to characterize this relationship. We quantify the privacy
gain offered by ESNI for different hosting and CDN providers using two
different metrics, the k-anonymity degree due to co-hosting and the dynamics of
IP address changes. We find that 20% of the domains studied will not gain any
privacy benefit since they have a one-to-one mapping between their hostname and
IP address. On the other hand, 30% will gain a significant privacy benefit with
a k value greater than 100, since these domains are co-hosted with more than
100 other domains. Domains whose visitors' privacy will meaningfully improve
are far less popular, while for popular domains the benefit is not significant.
Analyzing the dynamics of IP addresses of long-lived domains, we find that only
7.7% of them change their hosting IP addresses on a daily basis. We conclude by
discussing potential approaches for website owners and hosting/CDN providers
for maximizing the privacy benefits of ESNI.Comment: In Proceedings of the 15th ACM Asia Conference on Computer and
Communications Security (ASIA CCS '20), October 5-9, 2020, Taipei, Taiwa
Survey of End-to-End Mobile Network Measurement Testbeds, Tools, and Services
Mobile (cellular) networks enable innovation, but can also stifle it and lead
to user frustration when network performance falls below expectations. As
mobile networks become the predominant method of Internet access, developer,
research, network operator, and regulatory communities have taken an increased
interest in measuring end-to-end mobile network performance to, among other
goals, minimize negative impact on application responsiveness. In this survey
we examine current approaches to end-to-end mobile network performance
measurement, diagnosis, and application prototyping. We compare available tools
and their shortcomings with respect to the needs of researchers, developers,
regulators, and the public. We intend for this survey to provide a
comprehensive view of currently active efforts and some auspicious directions
for future work in mobile network measurement and mobile application
performance evaluation.Comment: Submitted to IEEE Communications Surveys and Tutorials. arXiv does
not format the URL references correctly. For a correctly formatted version of
this paper go to
http://www.cs.montana.edu/mwittie/publications/Goel14Survey.pd
Hosting Industry Centralization and Consolidation
There have been growing concerns about the concentration and centralization
of Internet infrastructure. In this work, we scrutinize the hosting industry on
the Internet by using active measurements, covering 19 Top-Level Domains
(TLDs). We show how the market is heavily concentrated: 1/3 of the domains are
hosted by only 5 hosting providers, all US-based companies. For the
country-code TLDs (ccTLDs), however, hosting is primarily done by local,
national hosting providers and not by the large American cloud and content
providers. We show how shared languages (and borders) shape the hosting market
-- German hosting companies have a notable presence in Austrian and Swiss
markets, given they all share German as official language. While hosting
concentration has been relatively high and stable over the past four years, we
see that American hosting companies have been continuously increasing their
presence in the market related to high traffic, popular domains within ccTLDs
-- except for Russia, notably.Comment: to appear in IEEE/IFIP Network Operations and Management Symposium
https://noms2022.ieee-noms.org
- …