Shuai Wang (Zhongguancun Laboratory), Ruifeng Li (Zhongguancun Laboratory), Li Chen (Zhongguancun Laboratory), Dan Li (Tsinghua University), Lancheng Qin (Zhongguancun Laboratory), Qian Cao (Zhongguancun Laboratory)

Source IP address spoofing facilitates various malicious attacks, and Outbound Source Address Validation (OSAV) remains the best current practice for preventing spoofed packets from exiting a network. Accurately measuring OSAV deployment is essential for investigating the Internet’s vulnerability to IP spoofing. However, such measurements typically require sending spoofed packets from within the tested network, necessitating cooperation from network operators.

This paper introduces OSAVRoute, the first non-cooperative system capable of capturing fine-grained characteristics of OSAV deployment. Unlike existing non-cooperative methods that can only identify the absence of OSAV, OSAVRoute identifies both the presence and absence of OSAV, and further measure its blocking granularity and blocking depth, achieving capabilities previously limited to cooperative methods. OSAVRoute accomplishes this by explicitly tracing the forwarding paths of spoofed packets, enabling identification of their generation and propagation behavior. With an accuracy of 99.4% and coverage spanning 3.1× more ASes than CAIDA Spoofer, OSAVRoute reveals that 84.2% of the tested ASes do not deploy OSAV, particularly among ISP networks. Among networks that implement OSAV, 95.5% block spoofed packets within the first two IP hops but exhibit various blocking granularities, with /22 to /24 being the most common. Additionally, we reveal, for the first time, a positive correlation between MANRS participation and OSAV deployment.

View More Papers

Minding the Gap: Bridging Causal Disconnects in System Provenance

Hanke Kimm (Stony Brook University, NY, USA), Sagar Mishra (Stony Brook University, NY, USA), R. Sekar (Stony Brook University, NY, USA)

Read More

The Heat is On: Understanding and Mitigating Vulnerabilities of...

Sri Hrushikesh Varma Bhupathiraju (University of Florida), Shaoyuan Xie (University of California, Irvine), Michael Clifford (Toyota InfoTech Labs), Qi Alfred Chen (University of California, Irvine), Takeshi Sugawara (The University of Electro-Communications), Sara Rampazzi (University of Florida)

Read More

Hey there! You are using WhatsApp: Enumerating Three Billion...

Gabriel K. Gegenhuber (University of Vienna, Faculty of Computer Science and UniVie Doctoral School Computer Science), Philipp E. Frenzel (SBA Research), Maximilian Günther (University of Vienna, Faculty of Computer Science), Johanna Ullrich (University of Vienna, Faculty of Computer Science), Aljosha Judmayer (University of Vienna, Faculty of Computer Science)

Read More