Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
www.caida.org > funding : ddos-aspire
ASPIRE - Augment Spoofer Project to Improve Remediation Efforts
The overarching objective of our project is to promote using Source Address Validation Best Current Practices (SAV BCP) by networks around the world.

Funding source: DHS S&T contract 140D7018C0010. Period of performance: September 20, 2018 - September 19, 2020.

|   Statement of Work     Proposal    Spoofer Project Page   |

Statement of Work

With previous DHS funding, we have re-designed, re-implemented, deployed, and operated a secure measurement infrastructure Spoofer that supports large-scale studies of anti-spoofing measures deployed (or not) in the global Internet. Yet, we have realized that there is a gap between generating security hygiene data and achieving remediation at scale. Thus, the tasks for the current project are focused on remediation efforts.

  •  Year 1 : Spoofer System Development and Improvement
  •  Year 2 : Analysis of the Extent and Impact of Wide Spoofer Deployment

Year 1 - Spoofer System Development and Improvement

Task 1: Continue Spoofer operations and improve the project reporting web site.
1.1Operate Spoofer platform
1.2Support Spoofer users, process their feedback, and improve their experience
1.3Upgrade the operating system on the spoofer servers to a supported version of FreeBSD
1.4Upgrade the community software used in the project:

(a) Apache webserver
(b) MySQL database
(c) PHP web scripting language
1.5Improve the reporting web site:

(a) parameterize the storage of traces in the database
(b) implement timestamp validation in the reporting software module
(c) produce quarterly reports on the project web site
1.6Update the server software to respond to clients behind NATs
1.7Update the Spoofer client-server software as needed to keep up with updates in popular OSes
Task 2: Explore methods to stimulate remediation activities
2.1Improve the content and targeting of automated email notifications sent to network operator groups (NOGs)
2.2Participate in forums and meetings of region-specific NOGs
2.3Create region-level automated reporting of networks repeatedly ignoring our notifications and failing to deploy anti-spoofing measures
2.4Develop a system for ASes to register for ongoing notifications about their SAV status

Milestones and Deliverables Year 1

#MilestoneDeliverableDateStatus
1Status report on deployment of anti-spoofing best practicesReportQuarterly
2Expand our contacts with regional NOGs Jan 20, 2019
3Deploy updated reporting web siteSoftwareMar 20, 2019
4Open up registration for automated AS-specific reportingMar 20, 2019
5Release client-server testing softwareSoftwareJun 20, 2019
6Start sending notifications to registered ASesJul 20, 2019
7Update approach to measuring deployment of SAV BCPReportSep 20, 2019
8Update client/server software for compatibility with newer OSesSoftwareas needed

Year 2 - Analysis of the Extent and Impact of Wide Spoofer Deployment

Task 1: Continue Spoofer operations and improve the project reporting web site.
1.1Operate Spoofer platform
1.2Support Spoofer users, process their feedback, and improve their experience
1.3Improve the reporting web site:

(a) implement traceroute parsing to look up and store ASN of traceroute hops
(b) incorporate router addresses into the public AS-level graph
(c) add AS names to the public AS-level graph
(d) produce quarterly reports on the project web site
(e) produce non-anonymized reports for authorized users
1.4Promote and maintain the OpenWrt version of Spoofer client
1.5Explore Spoofer implementations for other open source home router platforms
1.6Update the Spoofer client-server software as needed to keep up with updates in popular OSes
Task 2: Explore economic and regulatory levers for SAV deployment.
2.1Analyze data on remediation efforts from networks in different countries
2.2Expand notifications to include more countries
2.3Analyze the advantages of using the registration system vs. unverified contacts

• compare the incidents of remediation between registered and non-registered ASes
2.4Report on investigation, analysis, and execution of incentive-creation scenarios for SAV deployment

(a) include feedback from public/private sector stakeholders
(b) present the results to operational community (NANOGs, RIPE)
(c) present the results to academic researchers (TPRC)
(d) market use of Spoofer data for security risk analysis and risk management (insurance)

Milestones and Deliverables Year 2

#MilestoneDeliverableDateStatus
1Status report on deployment of anti-spoofing best practicesReportQuarterly
2Release client-server testing softwareSoftwareDec 20, 2019
3AS-level registration systemSoftwareMay 20, 2020
4Final release of Spoofer client-serverSoftwareJun 20, 2020
5Improved AS-level graph visualization SoftwareJul 20, 2020
6Finish analysis of marketing/technology transition effortsPaper (submitted)Sep 20, 2020
7Update approach to measuring deployment of SAV BCPReportSep 20, 2020
8Update client/server software for compatibility with newer OSesSoftwareas needed
  Last Modified: Thu Nov-8-2018 16:36:39 PST
  Page URL: http://www.caida.org/funding/ddos-aspire/index.xml