Pushing Alias Resolution to the Limit
Taha Albakour, Oliver Gasser, Georgios Smaragdakis
TL;DR
This paper enhances IP alias resolution by leveraging multiple protocols and TCP handshake responses, significantly increasing alias and dual-stack discovery compared to existing methods.
Contribution
It introduces a novel approach that combines protocol responses during TCP handshakes to improve alias resolution and dual-stack inference accuracy.
Findings
Doubles the number of IPv4 alias sets discovered.
Increases dual-stack set discovery by over 30 times.
Provides insights into method accuracy and performance.
Abstract
In this paper, we show that utilizing multiple protocols offers a unique opportunity to improve IP alias resolution and dual-stack inference substantially. Our key observation is that prevalent protocols, e.g., SSH and BGP, reply to unsolicited requests with a set of values that can be combined to form a unique device identifier. More importantly, this is possible by just completing the TCP hand-shake. Our empirical study shows that utilizing readily available scans and our active measurements can double the discovered IPv4 alias sets and more than 30x the dual-stack sets compared to the state-of-the-art techniques. We provide insights into our method's accuracy and performance compared to popular techniques.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsTransplantation: Methods and Outcomes · Internet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection