Detecting Cellular Middleboxes Using Passive Measurement Techniques

Goel, Utkarsh; Steiner, Moritz; Wittie, Mike P.; Flack, Martin; Ludin, Stephen

doi:10.1007/978-3-319-30505-9_8

Cited by 14 publications

(17 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Methodologies to detect proxies, and more generally middleboxes, are diverse and can rely on active measurements as well as passive measurements [15]. Mobile Tracebox [16], belongs to the first school of thought: it sends specially crafted packets to highlight intermediate boxes that modify those packets or alter the path between source and destination.…”

Section: Mobile Traceboxmentioning

confidence: 99%

Hic Sunt Proxies: Unveiling Proxy Phenomena in Mobile Networks

Zullo

Pescapè

Edeline

et al. 2019

2019 Network Traffic Measurement and Analysis Conference (TMA)

View full text Add to dashboard Cite

Over the years middleboxes have established themselves as a solution to a wide range of networking issues, progressively changing network landscape and turning the endto-end principle into a reminder of an Arcadian age of the Internet. Among them, proxies have found breeding ground especially in mobile networks that, moreover, have become the most popular way to access the Internet. In this paper, we present Mobile Tracebox, an Android measurement tool, and describe how its methodology, coping with the lack of privileges of mobile devices, can not only detect proxies but also characterize different facets, from their transport layer behavior to their location inside the network. Data collected from a crowdsourced deployment over more than 90 carriers and 350 Wi-Fi networks contributes to describe the potential of the tool and to draw a panorama of proxies across mobile networks. Our study confirms their prevalence and reveals that their scope is not limited to HTTP but can include several TCP services and even non standard ports. We detail the different implementations observed and delve into specific aspects of their configuration, like the initial Receive Window, the Window Scale factor or the set of Options supported, to understand how proxies can affect performance or obstruct extensions. Finally, we focus on fingerprinting and attempt to draw a dividing line between packet modifications performed by proxies and those performed by other classes of middleboxes.

show abstract

Section: Mobile Traceboxmentioning

confidence: 99%

Hic Sunt Proxies: Unveiling Proxy Phenomena in Mobile Networks

Zullo

Pescapè

Edeline

et al. 2019

2019 Network Traffic Measurement and Analysis Conference (TMA)

View full text Add to dashboard Cite

show abstract

“…Detection through passive measurement is also possible [20] but, as middleboxes are usually designed to be transparent, methods often resort to active probing to force the box to reveal its presence. Mobile Tracebox relies on an active measurement paradigm by sending specially crafted packets and retrieving them after modifications occur.…”

Section: Mobile Traceboxmentioning

confidence: 99%

Hic sunt NATs: Uncovering address translation with a smart traceroute

Zullo

Pescapè

Edeline

et al. 2017

2017 Network Traffic Measurement and Analysis Conference (TMA)

View full text Add to dashboard Cite

Abstract-Middleboxes are pervasive in today's Internet as they are deployed for an increasing number of reasons. An example is the network address translation (NAT), one of the first task to be performed to cope with the lack of IPv4 addresses. Recently the landscape for NATs has become even more crowded, especially in mobile networks, mainly due to the impossibility of IPv6 to be a large-scale solution to addressing issues. In this paper, we present a novel methodology for detecting NATs embodied in Mobile Tracebox, a measurement tool for Android smart devices that detects a wide range of middleboxes. It analyzes ICMP time-exceeded messages received during traceroute and points at IP and transport checksum inconsistencies in the embedded packets to uncover address translation along a path. We deployed Mobile Tracebox through a crowdsourcing approach and used the collected dataset to validate our methodology. Results showed that, in absence of middleboxes breaking traceroute, it can help to detect and locate NATs in the majority of the cases.

show abstract

“…Protocol Enhancing Proxies are therefore currently considered an important tool by operators needing to support long network paths. They are widely used for satellite broadband access and also in mobile operator networks to ensure acceptable web performance without the need to update or configure client equipment [36].…”

Section: Implication and Opportunities For Peps When Using Long Netwomentioning

confidence: 99%

“…Perhaps most significantly, current application PEPs are incompatible with the end-to-end security model of HTTPS and HTTP/2 and need to break this model to enable acceleration. The volume of encrypted HTTP traffic continues to grow [37], and many networks enable such proxies by installing root certificates in user devices to sign the HTTPS objects requested by the user [36]. This allows a TLS connection to be split at an application-layer PEP but breaks the end-to-end integrity of the connection [43] and is only possible in scenarios where the network administrator has access to user devices (e.g.…”

Section: Implication and Opportunities For Peps When Using Long Netwomentioning

confidence: 99%

“…This allows a TLS connection to be split at an application-layer PEP but breaks the end-to-end integrity of the connection [43] and is only possible in scenarios where the network administrator has access to user devices (e.g. common for handheld devices on a mobile operator network [36]). All PEPs introduce an additional service element that can ossify the network, unless the element continues to be updated, for example, tracking changes in application semantics, such as introduction of HTTP/2 methods, or changes in transport protocol design or usage.…”

Section: Implication and Opportunities For Peps When Using Long Netwomentioning

confidence: 99%

See 1 more Smart Citation

Performance analysis of next generation web access via satellite

Secchi

Mohideen

Fairhurst

2016

Satell Commun Network

View full text Add to dashboard Cite

Summary Responsiveness is a critical metric for web performance. Recent work in the Internet Engineering Task Force (IETF) and World Wide Web Consortium (W3C) has resulted in a new set of web protocols, including definition of the hypertext transfer protocol version 2 (HTTP/2) and a corresponding set of TCP updates. Together, these have been designed to reduce the web page download latency compared with HTTP/1.1. This paper describes the main features of the new protocols and discusses the impact of path delay on their expected performance. It then presents a set of tests to evaluate whether current implementations of the new protocols can offer benefit with an operational satellite access network and suggests how the specifications can evolve and be tuned to further enhance performance for long network paths. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

Detecting Cellular Middleboxes Using Passive Measurement Techniques

Cited by 14 publications

References 11 publications

Hic Sunt Proxies: Unveiling Proxy Phenomena in Mobile Networks

Hic Sunt Proxies: Unveiling Proxy Phenomena in Mobile Networks

Hic sunt NATs: Uncovering address translation with a smart traceroute

Performance analysis of next generation web access via satellite

Contact Info

Product

Resources

About