Pushing Alias Resolution to the Limit

None, None; None, None; None, None

Pushing Alias Resolution to the Limit

Conference Paper (2023)

Author(s)

Taha Albakour (Technical University of Berlin)

Oliver Gasser (Max Planck Institute)

Georgios Smaragdakis (TU Delft - Cyber Security)

DOI related publication

https://doi.org/10.1145/3618257.3624840 Final published version

To reference this document use

https://resolver.tudelft.nl/uuid:cdbfc085-47d1-410c-af83-72050823b7ae

More Info

expand_more

Publication Year

2023

Language

English

Pages (from-to)

584–590

Event

Downloads counter

217

Collections

Institutional Repository

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

In this paper, we show that utilizing multiple protocols offers a unique opportunity to improve IP alias resolution and dual-stack inference substantially. Our key observation is that prevalent protocols, e.g., SSH and BGP, reply to unsolicited requests with a set of values that can be combined to form a unique device identifier. More importantly, this is possible by just completing the TCP hand-shake. Our empirical study shows that utilizing readily available scans and our active measurements can double the discovered IPv4 alias sets and more than 30× the dual-stack sets compared to the state-of-the-art techniques. We provide insights into our method's accuracy and performance compared to popular techniques.

Files

3618257.3624840.pdf

(pdf | 1.04 Mb)