BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Network Hygiene\, Incentives\, and Regulation: Deployment of Sourc
 e Address Validation in the Internet - Matthew Luckie(University of Waikat
 o)
DTSTART:20191114T150000Z
DTEND:20191114T160000Z
UID:TALK134830@talks.cam.ac.uk
CONTACT:Marco Caballero
DESCRIPTION:Abstract:\nThe Spoofer project (https://spoofer.caida.org/) ha
 s collected data on\nthe deployment and characteristics of IP source addre
 ss validation on\nthe Internet since 2005. Data from the project comes fro
 m participants\nwho install an active probing client that runs in the back
 ground. The\nclient automatically runs tests both periodically and when it
  detects\na new network attachment point. We analyze the rich dataset of S
 poofer\ntests in multiple dimensions: across time\, networks\, autonomous\
 nsystems\, countries\, and by Internet protocol version. In our data for\n
 the year ending August 2019\, at least a quarter of tested autonomous\nsys
 tems did not filter packets with spoofed source addresses leaving\ntheir n
 etworks.  We show that routers performing Network Address\nTranslation do 
 not always filter spoofed packets\, as 6.4% of IPv4/24\ntested in the year
  ending August 2019 did not filter. Worse\, at least\ntwo thirds of tested
  ASes did not filter packets entering their\nnetworks with source addresse
 s claiming to be from within their\nnetwork that arrived from outside thei
 r network. We explore several\napproaches to encouraging remediation and t
 he challenges of evaluating\ntheir impact. While we have been able to reme
 diate 352 IPv4/24\, we\nhave found an order of magnitude more IPv4/24 that
  remains\nunremediated\, despite myriad remediation strategies\, with 21%\
 nunremediated for more than six months. Our analysis provides the most\nco
 mplete and confident picture of the Internet's susceptibility to\ndate of 
 this long-standing vulnerability. Although there is no simple\nsolution to
  address the remaining long-tail of unremediated networks\,\nwe conclude w
 ith a discussion of possible non-technical interventions\,\nand demonstrat
 e how the platform can support evaluation of the impact\nof such intervent
 ions over time.\n\nBio:\nMatthew Luckie is a Senior Lecturer at the Univer
 sity of Waikato in\nNew Zealand\, whose research interests are in measurem
 ent and analysis\nof the Internet at scale.  His focus is mostly in Intern
 et routing and\ntopology\, but he has some interest in Internet security. 
  His work has\nreceived best paper awards at ACM SIGCOMM (2018)\, ACM IMC 
 (2015)\, and\nACM CoNEXT (2015).  His homepage is at https://www.caida.org
 /~mjl/
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR