Accession Number : ADA606937


Title :   Design and Evaluation for the End-to-End Detection of TCP/IP Header Manipulation


Descriptive Note : Doctoral thesis


Corporate Author : NAVAL POSTGRADUATE SCHOOL MONTEREY CA


Personal Author(s) : Craven, Ryan M


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a606937.pdf


Report Date : Jun 2014


Pagination or Media Count : 189


Abstract : Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. One aspect of the challenge is transparent middleboxes, which are now common in today's Internet. In-path middleboxes that modify packet headers are typically transparent to a TCP, yet can impact the end-to-end performance of its connections. Of equal importance, middleboxes cause architectural ossification that hinders network protocol evolution: new options or redefined header fields are often misconstrued, modified, or disabled. We develop TCP HICCUPS to reveal packet header manipulation to both endpoints of a TCP connection. HICCUPS adds a lightweight tamper-evident seal to TCP that is incrementally deployable and introduces no new options. HICCUPS provides an optional feature, AppSalt, that allows applications to request added protection for their connection's integrity, making it more difficult for middleboxes to falsify integrity values. HICCUPS is implemented in both an operating system patch to the Linux TCP stack as well as a set of cross-platform user-space tools. To evaluate HICCUPS, we deploy it to a diverse set of Internet nodes spread across 197 networks and 48 countries, measuring packet header manipulations on over 26 thousand directed port/path pairs. We discover over 11 thousand instances of unique non-NAT in-path packet header modifications across those flows, all with the potential to negatively affect TCP performance.


Descriptors :   *COMMUNICATIONS PROTOCOLS , *COMPUTER NETWORKS , *INTERNET , DEBUGGING(COMPUTERS) , DEPLOYMENT , LIGHTWEIGHT , MANIPULATORS , TRAFFIC


Subject Categories : Computer Programming and Software
      Radio Communications


Distribution Statement : APPROVED FOR PUBLIC RELEASE