Ryan Craven, Robert Beverly, Mark Allman. Techniques for the Detection of Faulty Packet Header Modifications. Technical Report NPS-CS-14-002, Naval Postgraduate School, March 2014.
PDF | Project

Abstract:

Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. Compounding the problem are transparent in-path appliances and middleboxes that can be difficult to manage and sometimes left out-of-date or misconfigured. As a result, packet headers can be modified in unexpected ways, negatively impacting end-to-end performance. We discuss the impact of such packet header modifications, present an array of techniques for their detection, and define strategies to add tamper-evident protection to our detection techniques. We select a solution for implementation into the Linux TCP stack and use it to examine real-world Internet paths. We discover various instances of in-path modifications and extract lessons learned from them to help drive future design efforts.

BibTeX:

@techreport{CBA14a,
    author      =        "Ryan Craven and Robert Beverly and Mark Allman",
    title       =        "{Techniques for the Detection of Faulty Packet Header Modifications}",
    institution =        "Naval Postgraduate School",
    year        =        2014,
    number      =        "NPS-CS-14-002",
    month       =        mar,
}

An later version of this technical report appears in SIGCOMM 2014 and is available here.