Publications

Insights into SAV Implementations in the Internet

AuthorSchulmann, Haya; Zhao, Shujie
Date2024
TypeConference Paper
AbstractSource Address Validation (SAV) is designed to block packets with spoofed IP addresses. Obtaining insights into the deployment and implementation of SAV is essential for understanding the potential impact of attacks that exploit spoofed IP addresses and also poses an interesting research question. No current approaches for identifying networks that enforce SAV can infer information on the specific SAV techniques employed by the network operators. To address this gap, we present the first study of the SAV implementation techniques: Access Control Lists (ACLs) and unicast Reverse Path Forwarding (uRPF). While uRPF is more effective than ACLs, our large-scale Internet measurement reveals that network operators underutilize uRPF. Our study highlights the need for increased efforts to incentivize uRPF adoption and achieve broader network security benefits.
ConferenceInternational Conference on Passive and Active Measurement 2024
Urlhttps://publica.fraunhofer.de/handle/publica/473937