Computer Science ETDs

Publication Date

Spring 4-10-2018

Abstract

Side channel techniques have been developed in recent years to fulfill various tasks in modern computer network measurement. However, due to their nature, these techniques are typically limited in terms of both fidelity and their ability to be used on the real Internet without raising ethical concerns because of the packet rates they require. I propose the next generation of TCP/IP side channel techniques that exploit information flow in modern systems’ network stacks to overcome weaknesses in previous techniques. The proposed work is novel, non-intrusive, and can carry out measurements with high fidelity. I achieved this by deeply understanding the behaviors of modern systems’ network stacks and balancing the trade-offs (e.g. packet rate versus fidelity) by applying suitable mathematical models. My work comprises three novel tools, each of which solves a different challenge in current network measurement.

Firstly, I propose an Internet measurement technique for finding machines that are hidden behind firewalls. That is, if a firewall prevents outside IP addresses from sending packets to an internal protected machine that is only accessible on the local network, the technique can still find the machine. Secondly, I present an improved off-path round-trip time (RTT) measurement technique based on [11] that can, with high fidelity, measure the RTT between essentially any two machines (A and B) on the Internet without having special access to A or B or having any presence in the path between A and B. Finally, I propose a new scanning technique that can perform network measurements such as inferring TCP/IP-based trust relationships off-path, stealthily port scanning a target without using the scanner’s IP address, or detecting off-path packet drops between two international hosts. The thesis statement of my dissertation is: Previous side channel techniques can be improved and used to solve new challenges in current network measurement based on deeply understanding modern systems’ network stack behavior and building corresponding mathematical models to balance trade-offs between fidelity and ethical concerns related to packet rates.

Language

English

Keywords

TCP/IP, side channel, network measurement

Document Type

Dissertation

Degree Name

Computer Science

Level of Degree

Doctoral

Department Name

Department of Computer Science

First Committee Member (Chair)

Jedidiah Crandall

Second Committee Member

Patrick Bridges

Third Committee Member

James Plusquellic

Fourth Committee Member

Benjamin Edwards