论文信息 - Inflight Modifications of Content: Who Are the Culprits?

Inflight Modifications of Content: Who Are the Culprits?

When a user requests content from a cloud service provider, sometimes the content sent by the provider is modified inflight by third-party entities. To our knowledge, there is no comprehensive study that examines the extent and primary root causes of the content modification problem. We design a lightweight experiment and instrument a vast number of clients in the wild to make two additional DNS queries every day. We identify candidate rogue servers and develop a measurement methodology to determine, for each candidate rogue server, whether the server is performing inflight modifications or not. In total, we discover 349 servers as malicious, that is, as modifying content inflight, and more than 1.9% of all US clients are affected by these malicious servers. We investigate the root causes of the problem. We identify 9 ISPs, whose clients are predominately affected. We find that the root cause is not sophisticated transparent in-network services, but instead local DNS servers in the problematic ISPs.

David A. Maltz | Cheng Huang | Keith W. Ross | Chao Zhang | Jin Li

[1] Eric Rescorla,et al. SSL and TLS: Designing and Building Secure Systems , 2000 .

[2] Tadayoshi Kohno,et al. Detecting In-Flight Page Changes with Web Tripwires , 2008, NSDI.

[3] Boris Nechaev,et al. Netalyzr: illuminating the edge network , 2010, IMC '10.

[4] Michael E. Kounavis,et al. Encrypting the internet , 2010, SIGCOMM '10.

[5] Martín Casado,et al. Peering Through the Shroud: The Effect of Edge Opacity on IP-Based Client Identification , 2007, NSDI.

[6] Rosario Gennaro,et al. How to Sign Digital Streams , 1997, Inf. Comput..

[7] Niels Provos,et al. Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority , 2008, NDSS.

[8] Rob Miller,et al. Automation and customization of rendered web pages , 2005, UIST.

[9] Julien Freudiger,et al. Integrity of the Web Content: The Case of Online Advertising , 2010, CollSec.

[10] Saikat Guha,et al. Challenges in measuring online advertising systems , 2010, IMC '10.

[11] Benjamin Livshits,et al. AjaxScope: a platform for remotely monitoring the client-side behavior of web 2.0 applications , 2007, TWEB.

[12] Albert G. Greenberg,et al. Public DNS system and Global Traffic Management , 2011, 2011 Proceedings IEEE INFOCOM.