SPINE: Surveillance protection in the network elements

Trisha Datta, Nick Feamster, Jennifer Rexford, Liang Wang

Research output: Contribution to conferencePaperpeer-review

Abstract

Internet Protocol (IP) addresses can reveal information about communicating Internet users and devices, even when the rest of the traffic between them is encrypted. At the same time, IP addresses serve as endpoints for network-layer communication and, as a result, are typically visible to the intermediate routers to allow them to forward traffic to its ultimate destination. Previous approaches to obfuscate the IP addresses of the sender and receiver commonly depend on either custom user software (e.g., Tor browser) or significant modifications to network hardware along the end-to-end path (which has proved to be a major roadblock). SPINE, on the other hand, conceals IP addresses and relevant TCP fields from intermediate—and potentially adversarial—autonomous systems (ASes) but requires only two participating ASes and no cooperation from end hosts. To demonstrate SPINE’s practicality, we have implemented it on commodity programmable switches using the P4 programming language. Our evaluation shows that SPINE can run at hardware rates on commodity switches, paving the way to real-world deployment.

Original languageEnglish (US)
StatePublished - Jan 1 2019
Event9th USENIX Workshop on Free and Open Communications on the Internet, FOCI 2019, co-located with USENIX Security 2019 - Santa Clara, United States
Duration: Aug 13 2019 → …

Conference

Conference9th USENIX Workshop on Free and Open Communications on the Internet, FOCI 2019, co-located with USENIX Security 2019
Country/TerritoryUnited States
CitySanta Clara
Period8/13/19 → …

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software

Fingerprint

Dive into the research topics of 'SPINE: Surveillance protection in the network elements'. Together they form a unique fingerprint.

Cite this