General Information

Student:
Jonathan Haber
Office:
CoRE 450
School:
Tufts University
E-mail:
HiJon89@Yahoo.com
Project:
Susceptibility of IP Traceroute to Falsification

Project Description

IP traceroute is a mechanism by which one can determine what Internet path is used to carry traffic for a source-destination pair. Several traceroute-probe methods exist, although many computer systems come with a built-in standard traceroute tool. Although networks concerned with revealing their topology in response to traceroute probes can simply drop traceroute-response packets, there may be reasons to falsify the responses (rather than hide them). For example, a network operator may want to lie and convince others that a path offered is much shorter than it actually is. The purpose of this project is twofold: First, considering the various traceroute methods available, is it possible to design algorithms that can detect a traceroute probe and provide consistent, false answers? Second, if it is possible to do so, is it possible to develop a new probing strategy that can reveal or bypass false responses?


Weekly Log

Week 1: Did background reading to get acquainted with the problem.

Week 2: Narrowed my focus, devised plan of attack, and prepared first presentation.

Week 3: Began to implement new traceroute method using hping. hping is a utility that makes it easy to craft custom packets and capture incoming packets. The utility runs inside of a Tcl interepreter so all of Tcl's scripting abilities may be used within hping scripts.

Week 4: Completed multiple hping scripts to execute the individual parts of the traceroute. These are:

  • tracesend.htcl - sends the probes
  • tracerecv.htcl - captures incoming packets
  • tracefind.htcl - searches captured packets for responses to probes
  • tracelookup.htcl - does a reverse DNS lookup on the IP's that responded to probes
  • traceprint.htcl - Prints the results of the traceroute

Week 5: Completed Bash shell script to coordinate the hping scripts.

Week 6: Began to collect data. Ran traceroutes to the same hosts using both the new and old traceroute methods.

Week 7: Tweaked new traceroute implementation after analyzing initial data. Prepared final presentation on my results thus far.

Week 8: Made an overview of where I am in my research. Compiled my results to date and devised a plan going forward.


Presentations


First Presentation

Final Presentation

Additional Information

My Mentors