Paper review: < Hash-Based IP Traceback [SPSJ+01] >

Reviewer: <Ryan Gehl>

  1. State the problem the paper is trying to solve.
  2. The main problem this paper is trying to solve is that it is difficult to reliably identify the originator of an IP packet. This is important because reliably tracing individual packets back to their sources is the first step toward making attackers accountable for their actions.

  3. State the main contribution of the paper: solving a new problem, proposing a new algorithm, or presenting a new evaluation (analysis). If a new problem, why was the problem important? Is the problem still important today? Will the problem be important tomorrow?  If a new algorithm or new evaluation (analysis), what are the improvements over previous algorithms or evaluations? How do they come up with the new algorithm or evaluation? 
  4. The main contribution of this work is the presentation of a hash-based technique for IP traceback that generates audit trails for traffic within a network and can trace the origin of a single IP packet delivered by the network (as opposed to determining the source of a large flow).

  5. Summarize the (at most) 3 key main ideas (each in 1 sentence.) 
  6. (1) One of the key innovations of their Source Path Insolation Engine (SPIE) is the reduced memory requirement relative to other schemes (through the use of Bloom filters.
    (2) SPIE does not increase a network's vulnerability to eavesdropping because only packet digests are stored, not the packets themselves.

  7. Critique the main contribution
  8. What lessons should researchers and builders take away from this work. What (if any) questions does this work leave open?

Difficult problems such as preventing and tracing attacks often do not have clean or easy solutions. However, it is important to still attempt to tackle a small portion of the problem, laying the foundation for future work.