Leveraging Active Decremental TTL Measuring for Flexible and Efficient NAT Identification  被引量:1

在线阅读下载全文

作  者:Tao Yang Chengyu Wang Tongqing Zhou Zhiping Cai Kui Wu Bingnan Hou 

机构地区:[1]National University of Defense Technology,Changsha,410073,China [2]Department of Computer Science,University of Victoria,Canada

出  处:《Computers, Materials & Continua》2022年第3期5179-5198,共20页计算机、材料和连续体(英文)

基  金:The work is supported by the National Key Research and Development Program of China(2018YFB1800202);the NUDT Research Grants(No.ZK19-38).

摘  要:Malicious attacks can be launched by misusing the network address translation technique as a camouflage.To mitigate such threats,network address translation identification is investigated to identify network address translation devices and detect abnormal behaviors.However,existingmethods in this field are mainly developed for relatively small-scale networks and work in an offline manner,which cannot adapt to the real-time inference requirements in high-speed network scenarios.In this paper,we propose a flexible and efficient network address translation identification scheme based on actively measuring the distance of a round trip to a target with decremental time-tolive values.The basic intuition is that the incoming and outgoing traffic froma network address translation device usually experiences the different number of hops,which can be discovered by probing with dedicated time-to-live values.We explore a joint effort of parallel transmission,stateless probes,and flexible measuring reuse to accommodate the efficiency of the measuring process.We further accelerate statistical countingwith a new sublinear space data structure Bi-sketch.We implement a prototype and conduct real-world deployments with 1000 volunteers in 31 Chinese provinces,which is believed to bring insight for ground truth collection in this field.Experiments onmulti-sources datasets show that our proposal can achieve as high precision and recall as 95%with a traffic handling throughput of over 106 pps.

关 键 词:Network address translation NAT security NAT identification active measurement 

分 类 号:O17[理学—数学]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象