Departmental Papers (CIS)
Date of this Version
Andreas Haeberlen, Pedro Fonseca, Rodrigo Rodrigues, and Peter Druschel, "Fighting Cybercrime with Packet Attestation", . July 2011.
IP source addresses are often the only initial lead when investigating cybercrime in the Internet. Unfortunately, source addresses are easily forged, which can protect the culprits and lead to false accusations. We describe a new method for packet attestation in the Internet. Packet attestation establishes whether or not a given IP packet was sent by a particular network subscriber. This capability allows network operators to verify the source of malicious traffic and to validate complaints, identity requests, and DMCA take-down notices against their clients. As a result, innocent users cannot be falsely accused, while the culprits no longer enjoy plausible deniability. Support for packet attestation can be deployed incrementally by ISPs, and requires no changes to end hosts or to the network core.
Date Posted: 20 July 2012
Haeberlen, A., Fonseca, P., Rodrigues, R., & Druschel, P., Fighting Cybercrime with Packet Attestation, Technical Report MPI-SWS-2011-002