A Reproducibility Study of "IP Spoofing Detection in Inter-Domain Traffic"
IP spoofing enables reflection and amplification attacks, which cause major threats to the current Internet infrastructure. IP packets with incorrect source addresses would help to improve the situation. This is easy at the attacker's network, but very challenging at Internet eXchange Points (IXPs) or in transit networks. In this reproducibility study, we revisit the paper Detection, Classification, and Analysis of Inter-Domain Traffic with Spoofed Source IP Addresses published at ACM IMC 2017. Using data from a different IXP and from a different time, we were not able to reproduce the results. Unfortunately, our analysis shows that the current state of art does introduce a methodology that does not comply with common real-world deployment.
READ FULL TEXT