A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic


Abstract in English

IP spoofing enables reflection and amplification attacks, which cause major threats to the current Internet infrastructure. IP packets with incorrect source addresses would help to improve the situation. This is easy at the attackers network, but very challenging at Internet eXchange Points (IXPs) or in transit networks. In this reproducibility study, we revisit the paper textit{Detection, Classification, and Analysis of Inter-Domain Traffic with Spoofed Source IP Addresses} published at ACM IMC 2017. Using data from a different IXP and from a different time, we were not able to reproduce the results. Unfortunately, our analysis shows that the current state of art does introduce a methodology that does not comply with common real-world deployment.

Download