Investigating attacks and challenges in internet path fingerprinting based on packet-pair technique

The packet-pair technique is a well-known approved method to estimate the capacity of a path. Recent observations and findings specify that this technique can be utilized to generate Internet path fingerprints. The packet-pair technique proposes a novel scheme for remote path identification using the distribution of packet-pair dispersions. Previous findings indicate that the packet-pair dispersion technique can leak valuable information about the identity and or locations of the remote hosts. Internet Path fingerprinting is the vital element of applications that distinguish among different network paths, path selection in overlay networks, multi-path routing, monitoring and diagnosis of network problems, and understanding of network behavior far more deeper. In this paper we investigate whether dispersion-based path fingerprints can be forged by an adversary who intent to impersonate a given path (e.g., where a malicious host creates multiple identities to alter reputation systems). We analyze the capability of an attacker to convince the verifier by accepting the path fingerprint that matches to the claimed identity of the prover. We further propose a secured method for mitigating the impersonation attacks in path identification system, even though there are a number of challenges that have to be defeated by an adversary or rogue in order to successfully impersonate the target path.