Projects per year
Abstract
IP spoofing, sending IP packets with a false source IP address, continues to be a primary attack vector for large-scale Denial of Service attacks. To combat spoofing, various interventions have been tried to increase the adoption of source address validation (SAV) among network operators. How can SAV deployment be increased? In this work, we conduct the first randomized control trial to measure the effectiveness of various notification mechanisms on SAV deployment. We include new treatments using nudges and channels, previously untested in notification experiments. Our design reveals a painful reality that contrasts with earlier observational studies: none of the notification treatments significantly improved SAV deployment compared to the control group. We explore the reasons for these findings and report on a survey among operators to identify ways forward. A portion of the operators indicate that they do plan to deploy SAV and ask for better notification mechanisms, training, and support materials for SAV implementation.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022 |
| Publisher | IEEE |
| Pages | 2361-2378 |
| Number of pages | 18 |
| ISBN (Electronic) | 9781665413169 |
| DOIs | |
| Publication status | Published - 2022 |
| Event | 43rd EEE Symposium on Security and Privacy (SP) - San Francisco, United States Duration: 22 May 2022 → 26 May 2022 Conference number: 43 https://www.ieee-security.org/TC/SP2022/ |
Conference
| Conference | 43rd EEE Symposium on Security and Privacy (SP) |
|---|---|
| Country/Territory | United States |
| City | San Francisco |
| Period | 22/05/22 → 26/05/22 |
| Internet address |
Bibliographical note
Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-careOtherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Fingerprint
Dive into the research topics of 'Deployment of Source Address Validation by Network Operators: A Randomized Control Trial'. Together they form a unique fingerprint.Projects
- 1 Active
-
Cybersecurity (TPM)
van Eeten, M. J. G., Hernandez Ganan, C., Gürses, F. S., van Wegberg, R. S., Parkin, S. E., Zhauniarovich, Y., van Engelenburg, S. H., Kadenko, N. I., Labunets, K., Akyazi, U., Bouwman, X. B., Jansen, B. A., Kaur, M., Al Alsadi, A., Lone, Q. B., Turcios Rodriguez, E. R., Vermeer, M., van Harten, V. T. C., Vetrivel, S., Oomens, E. (. C. )., Kustosch, L. F., Bisogni, F., Ciere, M., Fiebig, T., Korczynski, M. T., Moreira Moura, G. C., Noroozian, A., Pieters, W., Tajalizadehkhoob, S., Dacier, B. H. A., San José Sanchez, J., Çetin, F. O. & Zannettou, S.
1/01/10 → …
Project: Research