IPNL: A NAT-extended internet architecture
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Internet indirection infrastructure
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
A technique for counting natted hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Unmanaged Internet Protocol: taming the edge network management crisis
ACM SIGCOMM Computer Communication Review
Connectivity restrictions in overlay multicast
NOSSDAV '04 Proceedings of the 14th international workshop on Network and operating systems support for digital audio and video
A layered naming architecture for the internet
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
NUTSS: a SIP-based approach to UDP and TCP network connectivity
Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Democratizing content publication with coral
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Middleboxes no longer considered harmful
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
OASIS: anycast for any service
NSDI'06 Proceedings of the 3rd conference on Networked Systems Design & Implementation - Volume 3
CAPTCHA: using hard AI problems for security
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
The ghost in the browser analysis of web-based malware
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
My botnet is bigger than yours (maybe, better than yours): why size estimates remain challenging
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Identifying dynamic IP address blocks serendipitously through background scanning traffic
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Detecting in-flight page changes with web tripwires
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Peeking into spammer behavior from a unique vantage point
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
The heisenbot uncertainty problem: challenges in separating bots from chaff
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
An offline foundation for online accountable pseudonyms
Proceedings of the 1st Workshop on Social Network Systems
Profit-aware overload protection in E-commerce Web sites
Journal of Network and Computer Applications
Internet geolocation: Evasion and counterevasion
ACM Computing Surveys (CSUR)
De-anonymizing the internet using unreliable IDs
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Where's that phone?: geolocating IP addresses on 3G networks
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Peeking through the cloud: DNS-based estimation and its applications
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Quilt: a patchwork of multicast regions
Proceedings of the Fourth ACM International Conference on Distributed Event-Based Systems
Peeking Through the Cloud: Client Density Estimation via DNS Cache Probing
ACM Transactions on Internet Technology (TOIT)
How to tell an airport from a home: techniques and applications
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Netalyzr: illuminating the edge network
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Dude, where’s that IP?: circumventing measurement-based IP geolocation
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Inflight modifications of content: who are the culprits?
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
NAT usage in residential broadband networks
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
Cellular data network infrastructure characterization and implication on mobile content placement
Proceedings of the ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems
Cellular data network infrastructure characterization and implication on mobile content placement
ACM SIGMETRICS Performance Evaluation Review - Performance evaluation review
An untold story of middleboxes in cellular networks
Proceedings of the ACM SIGCOMM 2011 conference
Estimating the number of users behind ip addresses for combating abusive traffic
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
Towards understanding modern web traffic
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
Populated IP addresses: classification and applications
Proceedings of the 2012 ACM conference on Computer and communications security
The anatomy of LDNS clusters: findings and implications for web content delivery
Proceedings of the 22nd international conference on World Wide Web
Hi-index | 0.00 |
Online services often use IP addresses as client identifiers when enforcing access-control decisions. The academic community has typically eschewed this approach, however, due to the effect that NATs, proxies, and dynamic addressing have on a server's ability to identify individual clients. Yet, it is unclear to what extent these edge technologies actually impact the utility of using IP addresses as client identifiers. This paper provides some insights into this phenomenon. We do so by mapping out the size and extent of NATs and proxies, as well as characterizing the behavior of dynamic addressing. Using novel measurement techniques based on active web content, we present results gathered from 7 million clients over seven months. We find that most NATs are small, consisting of only a few hosts, while proxies are much more likely to serve many geographically-distributed clients. Further, we find that a server can generally detect if a client is connecting through a NAT or proxy, or from a prefix using rapid DHCP reallocation. From our measurement experiences, we have developed and implemented a methodology by which a server can make a more informed decision on whether to rely on IP addresses for client identification or to use more heavyweight forms of client authentication.