Archive for May, 2015

CAIDA takes over stewardship of Spoofer Project infrastructure

Thursday, May 28th, 2015 by Matthew Luckie

Originally started by Rob Beverly while a graduate student at MIT, the Spoofer project attempts to measure the Internet’s susceptibility to spoofed source address IP packets. From Rob’s original project web page (now moved to CAIDA, see below):

Malicious users capitalize on the ability to “spoof” source IP addresses for anonymity, indirection, targeted attacks and security circumvention. Compromised hosts on networks that permit IP spoofing enable a wide variety of attacks.

The project never had dedicated funding, but Rob believed that empirical data on how many networks permitted spoofing was important, so he kept the web site alive. In collaboration with him, we submitted a proposal to improve the measurement and analysis capabilities to inform one of the most important challenges in cybersecurity today: improving network hygiene to reduce the threat of the longest standing vector of attack on Internet infrastructure.
In addition to enabling us to provide estimates of how many networks allow packets with forged source addresses to leave their networks, we can use measurements from this infrastructure, in combination with other sources of data, to analyze the geographic, economic, and governance characteristics of networks that allow spoofing, versus those that do not, as well as trends over time of this network security hygiene policy.

This month, we celebrate a transition point in this project: in collaboration with Rob, we migrated the Spoofer software services to a new server on the machine room floor at the San Diego Supercomputer Center at UCSD, and, more relevant to users, we have released new clients for Microsoft Windows, Mac OS X, and Linux. We encourage users and operators to download and run the new clients to help measure the Internet’s susceptibility to spoofed source-addressed IP packets. Feedback is greatly appreciated as we expand functionality and hopefully footprint of this critical infrastructure security analysis project.

This research and infrastructure development effort is supported by an award from the Department of Homeland Security, Science and Technology Directorate.

Workshop on Internet Economics (WIE2014) Final Report

Tuesday, May 19th, 2015 by kc

The final report for our Workshop on Internet Economics (WIE2014) is available for viewing. The abstract:

On December 10-11 2014, we hosted the 4th interdisciplinary Workshop on Internet Economics (WIE) at the UC San Diego’s Supercomputer Center. This workshop series provides a forum for researchers, Internet facilities and service providers, technologists, economists, theorists, policy makers, and other stakeholders to inform current and emerging regulatory and policy debates. The objective for this year’s workshop was a structured consideration of whether and how policy-makers should try to shape the future of the Internet. To structure the discussion about policy, we began the workshop with a list of potential aspirations for our future telecommunications infrastructure (a list we had previously collated), and asked participants to articulate an aspiration or fear they had about the future of the Internet, which we summarized and discussed on the second day. The focus on aspirations was motivated by the high-level observation that before discussing regulation, we must agree on the objective of the regulation, and why the intended outcome is justified. In parallel, we used a similar format as in previous years: a series of focused sessions, where 3-4 presenters each prepared 10-minute talks on issues in recent regulatory discourse, followed by in-depth discussions. This report highlights the discussions and presents relevant open research questions identified by participants.

See the full workshop report at http://www.caida.org/publications/papers/2015/wie2014_report/

Slides from workshop presentations are available at http://www.caida.org/workshops/wie/1412/

Draft white paper that motivated the workshop at:
http://www.caida.org/publications/papers/2015/inventory_aspirations_internets_future/