Fighting Cybercrime with Packet Attestation
IP source addresses are often the only initial lead when investigating cybercrime in the Internet. Unfortunately, source addresses are easily forged, which can protect the culprits and lead to false accusations. The authors describe a new method for packet attestation in the Internet. Packet attestation establishes whether or not a given IP packet was sent by a particular network subscriber. This capability allows network operators to verify the source of malicious traffic and to validate complaints, identity requests, and DMCA take-down notices against their clients. As a result, innocent users cannot be falsely accused, while the culprits no longer enjoy plausible deniability.