Machine Learning Analysis of IP ID Applications

AuthorShulman, Haya; Zhao, Shujie
TypeConference Paper
AbstractThe IP identifier (IP ID) in the IP header has become enormously popular as a side channel leaking valuable information on destinations. In the recent decades, the researchers have exploited the IP ID in a variety of different applications, from estimating outgoing server traffic, to covert communication and to remotely understanding firewall rules and port status. However, the complexity of inferring IP ID due to high fluctuating traffic rates from multiple sources leaves it an open question how practical the applications that leverage IP ID are.We perform the first Internet wide study of IP ID behaviour in the Internet and evaluate how practical it is to build applications on top of IP ID. We analyse experimentally the applications on the dataset of IP ID values that we collected. We show that our SVM classifier can achieve the accuracy of the IP ID prediction of more than 99%.
ConferenceInternational Conference on Dependable Systems and Networks (DSN) 2021