Statistical Analysis of Malformed Packets and Their Origins in the Modern Internet
Display Full Text |
Download Full Text
339.91 kB PDF file
With the tremendous growth of Internet resources, we observe a rapid increase in the number of network applications and protocol implementations, which are not always thoroughly evaluated and tested. A growing number of network attacks attempt to disrupt legitimate communication or deny access to network resources to legitimate users. Both poor implementations and intentional abuse of network resources “pollute” a network with malformed packets and can become a threat to sound communication. In this work, we collect and analyze all of the IP and TCP headers of packets seen on a network that either violate existing standards or should not appear in modern internets. Our goal is to determine the reason that these packets appear on the network and evaluate what proportion of such packets could cause actual damage. Thus, we examine and divide the unusual packets obtained during our experiments into several categories based on their possible cause, which ranges from errors in network implementations to carefully constructed attack packets, and show the results. The traces analyzed were gathered at two different data sources at Ohio University’the university’s main Internet link connecting it to its ISP and a local network with student dormitory traffic – and provide a massive amount of statistical data.
Document number: ohiou1013543289
Permalink: http://rave.ohiolink.edu/etdc/view?acc_num=ohiou1013543289
This ETD has been downloaded 356 times (through March 2013)
© 2002, all rights reserved.
This open access ETD is published by
Ohio University and OhioLINK.
Refworks
