ITU Plan to Stop DoS Attacks Could End Net Anonymity Too
Finding ways to limit DoS attacks and SMS spam by making it harder to spoof the origin of electronic communications is on the agenda at a telecommunications standards meeting next week -- but civil rights advocates worry it could put an end to anonymity on the Internet.
Making it possible to trace the origin of all Internet traffic "raises grave concerns in terms of facilitating government repression," said Jim Dempsey, vice president for public policy at the Center for Democracy and Technology. "I'm skeptical of the claimed benefits for security."
At a meeting of the International Telecommunication Union (ITU) in Geneva next week, telecoms experts will discuss draft recommendation X.tb-ucr, Trace back use case and requirements, looking at ways to identify the source of packets sent across IP (Internet Protocol) networks.
"Knowing the source of traffic is essential for settlements and infrastructure protection, and more recently for preventing attacks on the network," said Tony Rutkowski, one of the members of the ITU working party on telecommunication security and also vice president for regulatory affairs and standards at Verisign.
Packets on IP networks are marked with the address of their source and destination. As the packets hop from router to router to reach their destination, routers make no note of where they came from. If the source address indicated on packets is spoofed, or fake, then there is no easy way to find out who is originating the traffic.
That's not necessarily a problem, unless the traffic is causing a nuisance, as is the case during a DoS (denial of service) attack on a server, for instance.
At one stage, said Rutkowski, around 10 percent of the requests reaching Verisign's DNS (Domain Name Servers) were from people trying to conduct DOS attacks. "We used to have our own traceback capability," he said.
At telcos, the CFO wants to know where that Internet traffic is coming from too. Carriers are seeing more SMS (Short Message Service) and VOIP (voice over IP) traffic from Internet gateways, and they have a right to charge the originators for delivering it. When the source of this traffic is concealed or spoofed, they don't know whom to bill. Such phantom traffic could be costing network operators hundreds of millions of dollars a year, Rutkowski said.
The ITU's Study Group 17 has been considering IP traceback since April 2007, when its vice chairman, Jianyong Chen of Chinese equipment manufacturer ZTE, made a presentation on the matter, and the group decided in April this year to study it more seriously.
Next week's meeting will consider contributions to a draft recommendation from telecommunication researchers in China and South Korea, with the most extensive contribution from Korea's Telecommunications Technology Association (TTA), a local standards body.
TTA has previously reported on the many existing ways to trace back to the source of spoofed traffic.
Its latest contribution "is an almost encyclopedic recitation of existing and potential traceback techniques that could apply from the IP layer through applications," said Rutkowski, who has seen the document. As a rule, the ITU does not release working documents.
Recommendations made by the ITU, a United Nations agency, have no force of law, although network operators may make compliance with ITU specifications a condition of the interconnection agreements they make with one another.
The ITU's work in this area worries Steven Bellovin, a professor of computer science at Columbia University. While working at AT&T, he coauthored an Internet Draft on ICMP Traceback Messages for the Internet Engineering Task Force, but now believes that such features should yield no more information than is already necessary for the network to function -- and perhaps not even that much.
Dempsey is in no hurry for carriers to adopt a recommendation on IP traceback.
"We don't have perfect anonymity, and we don't have perfect traceability. Having perfection in either value has unacceptable implications for the other value. Sometimes, the best solution is 'pretty good' rather than perfect," Dempsey said.