Deployment of Source Address Validation by Network Operators
A Randomized Control Trial
Qasim Lone (TU Delft - Organisation & Governance)
Alisa Frik (University of California)
Matthew Luckie (University of Waikato, Hamilton)
MacIej Korczyński (Université Grenoble Alpes)
MJG Van Eeten (TU Delft - Organisation & Governance)
Carlos Hernandez Hernandez Ganan (TU Delft - Organisation & Governance)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
IP spoofing, sending IP packets with a false source IP address, continues to be a primary attack vector for large-scale Denial of Service attacks. To combat spoofing, various interventions have been tried to increase the adoption of source address validation (SAV) among network operators. How can SAV deployment be increased? In this work, we conduct the first randomized control trial to measure the effectiveness of various notification mechanisms on SAV deployment. We include new treatments using nudges and channels, previously untested in notification experiments. Our design reveals a painful reality that contrasts with earlier observational studies: none of the notification treatments significantly improved SAV deployment compared to the control group. We explore the reasons for these findings and report on a survey among operators to identify ways forward. A portion of the operators indicate that they do plan to deploy SAV and ask for better notification mechanisms, training, and support materials for SAV implementation.