Naval Postgraduate School
Dudley Knox Library
NPS Dudley Knox Library
View Item 
  •   Calhoun Home
  • Theses and Dissertations
  • 1. Thesis and Dissertation Collection, all items
  • View Item
  •   Calhoun Home
  • Theses and Dissertations
  • 1. Thesis and Dissertation Collection, all items
  • View Item
  • How to search in Calhoun
  • My Accounts
  • Ask a Librarian
JavaScript is disabled for your browser. Some features of this site may not work without it.

Browse

All of CalhounCollectionsThis Collection

My Account

LoginRegister

Statistics

Most Popular ItemsStatistics by CountryMost Popular Authors

Design and evaluation for the end-to-end detection of TCP/IP header manipulation

Thumbnail
Download
IconThis document is a supplement to the Masters Thesis of Ryan M. Craven, located here: http://calhoun.nps.edu/handle/10945/41959 (85.46Kb)
Icon14Jun_Craven_Ryan.pdf (2.778Mb)
Download Record
Download to EndNote/RefMan (RIS)
Download to BibTex
Author
Craven, Ryan M.
Date
2014-06
Advisor
Beverly, Robert
Metadata
Show full item record
Abstract
Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. One aspect of the challenge are transparent middleboxes, which are now common in today’s Internet. In-path middleboxes that modify packet headers are typically transparent to a TCP, yet can impact the end-to-end performance of its connections. Of equal importance, middleboxes cause architectural ossification that hinders network protocol evolution—new options or redefined header fields are often misconstrued, modified, or disabled. We develop TCP HICCUPS to reveal packet header manipulation to both endpoints of a TCP connection. HICCUPS adds a lightweight tamper-evident seal to TCP that is incrementally deployable and introduces no new options. HICCUPS provides an optional feature, AppSalt, that allows applications to request added protection for their connection’s integrity, making it more difficult for middleboxes to falsify integrity values. HICCUPS is implemented in both an operating system patch to the Linux TCP stack as well as a set of cross-platform user-space tools. To evaluate HICCUPS, we deploy it to a diverse set of Internet nodes spread across 197 networks and 48 countries, measuring packet header manipulations on over 26 thousand directed port/path pairs. We discover over 11 thousand instances of unique non-NAT in-path packet header modifications across those flows, all with the potential to negatively affect TCP performance.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
URI
https://hdl.handle.net/10945/42602
Collections
  • 1. Thesis and Dissertation Collection, all items

Related items

Showing items related by title, author, creator and subject.

  • Thumbnail

    A Middlebox-Cooperative TCP for a non End-to-End Internet 

    Craven, Ryan; Beverly, Robert; Allman, Mark (2014-08);
    Understanding, measuring, and debugging IP networks, particularly across administrative domains, is challenging. One particularly daunting aspect of the challenge is the presence of transparent middleboxes|which are now ...
  • Thumbnail

    TCP-HICCUPS 

    Unknown author (Monterey, California: Naval Postgraduate School., 2014);
    TCP-HICCUPS (Handshake-based Integrity Check of Critical Underlying Protocol Semantics) is a lightweight extension to TCP that can help it infer when it is being misinterpreted due to packet header modifications made by ...
  • Icon

    TCP HICCUPS Linux 3.9.4 kernel patch (supplement to Design and evaluation for the end-to-end detection of TCP/IP header manipulation) 

    Craven, Ryan M. (Monterey, California. Naval Postgraduate School, 2014-06-03);
    This patch for version 3.9.4 of the Linux kernel contains the necessary additions to enable TCP HICCUPS, a lightweight tamper-evident extension to TCP. This version of the patch was used to operate servers for the Internet ...
NPS Dudley Knox LibraryDUDLEY KNOX LIBRARY
Feedback

411 Dyer Rd. Bldg. 339
Monterey, CA 93943
circdesk@nps.edu
(831) 656-2947
DSN 756-2947

    Federal Depository Library      


Start Your Research

Research Guides
Academic Writing
Ask a Librarian
Copyright at NPS
Graduate Writing Center
How to Cite
Library Liaisons
Research Tools
Thesis Processing Office

Find & Download

Databases List
Articles, Books & More
NPS Theses
NPS Faculty Publications: Calhoun
Journal Titles
Course Reserves

Use the Library

My Accounts
Request Article or Book
Borrow, Renew, Return
Tech Help
Remote Access
Workshops & Tours

For Faculty & Researchers
For International Students
For Alumni

Print, Copy, Scan, Fax
Rooms & Study Spaces
Floor Map
Computers & Software
Adapters, Lockers & More

Collections

NPS Archive: Calhoun
Restricted Resources
Special Collections & Archives
Federal Depository
Homeland Security Digital Library

About

Hours
Library Staff
About Us
Special Exhibits
Policies
Our Affiliates
Visit Us

NPS-Licensed Resources—Terms & Conditions
Copyright Notice

Naval Postgraduate School

Naval Postgraduate School
1 University Circle, Monterey, CA 93943
Driving Directions | Campus Map

This is an official U.S. Navy Website |  Please read our Privacy Policy Notice  |  FOIA |  Section 508 |  No FEAR Act |  Whistleblower Protection |  Copyright and Accessibility |  Contact Webmaster

Export search results

The export option will allow you to export the current search results of the entered query to a file. Different formats are available for download. To export the items, click on the button corresponding with the preferred download format.

A logged-in user can export up to 15000 items. If you're not logged in, you can export no more than 500 items.

To select a subset of the search results, click "Selective Export" button and make a selection of the items you want to export. The amount of items that can be exported at once is similarly restricted as the full export.

After making a selection, click one of the export format buttons. The amount of items that will be exported is indicated in the bubble next to export format.