Investigating End-to-End Integrity Violations in Internet Traffic

10 Pages Posted: 3 Apr 2017 Last revised: 15 Aug 2017

See all articles by Alan Mislove

Alan Mislove

Northeastern University

David Choffnes

Northeastern University - College of Computer and Information Science

Taejoong Chung

Northeastern University

Date Written: March 30, 2017

Abstract

Internet applications are commonly implemented with the implicit assumption that network traffic is transported across the Internet without modification and without having application-level data being monitored; we refer to this end-to-end integrity. Put simply, most applications assume that the data they send will be received intact by the host they are communicating with (barring transient errors and normal packet loss). This expectation is encoded in the Federal Communications Commission (FCC) Open Internet Order, which states that Internet Service Providers (ISPs) should not impose “unreasonable interference” with customers’ network traffic. However, it is increasingly common for ISPs to deploy middleboxes that silently manipulate customers’ traffic in ways that impact security, privacy, and integrity.

This paper describes a methodology to test for such end-to-end modifications, as well as evidence of multiple ISPs that modify customers’ traffic in-flight. We use a HTTP/S proxy service with millions of end hosts in residential networks to study the behavior of over 14K networks worldwide. Using this system, we route benign traffic via over 1.2M hosts in these networks to test for end-to-end integrity. We find end- to-end integrity violations including hijacking of certain DNS responses—often sending users to pages with advertisements—by AT&T, Verizon, and Cox Communications (as well as a number of non-US ISPs). We also find content injection in web pages—often adding trackers or advertisements to web pages or censoring content—by a number of non-US ISPs as well. Worse, we find evidence that a number of hosts’ web requests are being monitored, suggesting that subscriber browsing data is being shared with third parties.

Given the increasing amounts of critical and privacy-sensitive information that is exchanged online, we recommend that regulators leverage active auditing technologies to inform and enforce current and future policies. Our methodology can be deployed with low overhead and is scalable to millions of hosts and

Keywords: End-To-End Integrity, Middleboxes, Privacy

Suggested Citation

Mislove, Alan and Choffnes, David and Chung, Taejoong, Investigating End-to-End Integrity Violations in Internet Traffic (March 30, 2017). Available at SSRN: https://ssrn.com/abstract=2943668

Alan Mislove (Contact Author)

Northeastern University ( email )

Boston, MA 02115
United States

David Choffnes

Northeastern University - College of Computer and Information Science ( email )

360 Huntington Avenue
Boston, MA 02115
United States

Taejoong Chung

Northeastern University ( email )

Boston, MA 02115
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
21
Abstract Views
107
PlumX Metrics