Mark Allman / ICSI @mallman_icsi

Ryan Craven, Robert Beverly, Mark Allman. Techniques for the Detection of Faulty Packet Header Modifications. Technical Report NPS-CS-14-002, Naval Postgraduate School, March 2014.
PDF | Project


Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. Compounding the problem are transparent in-path appliances and middleboxes that can be difficult to manage and sometimes left out-of-date or misconfigured. As a result, packet headers can be modified in unexpected ways, negatively impacting end-to-end performance. We discuss the impact of such packet header modifications, present an array of techniques for their detection, and define strategies to add tamper-evident protection to our detection techniques. We select a solution for implementation into the Linux TCP stack and use it to examine real-world Internet paths. We discover various instances of in-path modifications and extract lessons learned from them to help drive future design efforts.


    author      =        "Ryan Craven and Robert Beverly and Mark Allman",
    title       =        "{Techniques for the Detection of Faulty Packet Header Modifications}",
    institution =        "Naval Postgraduate School",
    year        =        2014,
    number      =        "NPS-CS-14-002",
    month       =        mar,

An later version of this technical report appears in SIGCOMM 2014 and is available here.
"We are what we repeatedly do. Excellence, then, is not an act, but a habit." --Aristotle