How Distance-Bounding Can Detect Internet Traffic Hijacking

We propose a two-party cryptographic protocol for detecting traffic hijacking over the Internet. Our proposal relies on a distance-bounding mechanism that measures the round-trip time of packets to decide whether an attack is ongoing. The protocol requires only two cryptographic operations per execution which leads to very few additional workload for the users. We demonstrate the efficiency of the protocol using large-scale experiments and we discuss the choice of the decision function w.r.t. the false positive and negative cases.

1. 1.

   https://www.ripe.net/publications/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study.

2. 2.

   https://arstechnica.com/information-technology/2010/11/how-china-swallowed-15-of-net-traffic-for-18-minutes/.

3. 3.

   https://arstechnica.com/information-technology/2019/06/bgp-mishap-sends-european-mobile-traffic-through-china-telecom-for-2-hours/.

4. 4.

   https://www.nxp.com/docs/en/data-sheet/MF1P(H)x2_SDS.pdf.

5. 5.

   https://www.nxp.com/docs/en/data-sheet/MF3DHx3_SDS.pdf.

6. 6.

   For the sake of clarity, we assume that the k packets are consecutive, but this assumption is actually not necessary.

7. 7.

   We elaborate on how a relay node was implemented on Sect. 4.

8. 8.

   We describe the four other tests in Appendix A and we show how they perform in Appendix B.

9. 9.

   Note that traceroute can only deliver a probable and punctual estimation of the route between two points, such a route can change over time.

Authors and Affiliations

1. Orange Labs, 4 rue du Clos Courtel, 35510, Cesson Sévigné, France

   Ghada Arfaoui

2. Orange Labs, 42 rue des Coutures, 14000, Caen, France

   Olivier Gimenez & Jacques Traoré

3. INSA Rennes, University of Rennes, IRISA, CNRS, Rennes, France

   Gildas Avoine & Olivier Gimenez

Corresponding author

Correspondence to Olivier Gimenez .

Editors and Affiliations

1. University of Padua, Padua, Italy

   Mauro Conti

2. Centrum Wiskunde & Informatica, Amsterdam, The Netherlands

   Marc Stevens

3. AIT Austrian Institute of Technology, Vienna, Austria

   Stephan Krenn

A Description of Other Candidates for the Decision Function

We initially selected 4 other candidates for potential decision function. We did identical experiments to decide which one was the most efficient. Some test showed acceptable results but none was as precise as the one presented in Sect. 3.3. We present here the tests and their results.

1.1 A.1 Average Position

This test computes the mean of samp \(\mu _{samp}\) and computes the \(80\%\)-density interval \(I_80(ref)\) of ref. It returns 1 if \(\mu _{samp} \in I_{80}(ref)\), 0 otherwise.

1.2 A.2 \(10\%\)-Minimum Overlap

This test computes the first decile of the both samples \(q_{10}(samp)\), \(q_{10}(ref)\) and consider the intervals \(I=[min(samp),q_{10}(samp)]\) and \(I'=[min(ref),q_{10}(ref)]\). It returns 1 if at least \(50\%\) of I overlaps \(I'\), that is to say if: \(\frac{len(I\cap I')}{len(I)}>0.5\). It returns 0 otherwise.

1.3 A.3 \(50\%\)-Minimum Overlap

This test computes the median of the both samples \(q_{50}(samp)\), \(q_{50}(ref)\) and consider the intervals \(I=[min(samp),q_{50}(samp)]\) and \(I'=[min(ref),q_{50}(ref)]\). It returns 1 if at least \(50\%\) of I overlaps \(I'\), that is to say if: \(\frac{len(I\cap I')}{len(I)}>0.5\). It returns 0 otherwise.

1.4 A.4 Density Match

This test computes \(80\%\)-density interval \(I_{80}(ref)\) and checks the proportion p of elements of samp being in this interval. It returns 1 if \(p>0.5\) , 0 otherwise

B Experiments for all the Tests

(See Tables 4, 5, 6 and 7)

Reprints and permissions

© 2021 Springer Nature Switzerland AG

Policies and ethics