5,290 research outputs found
The Internet AS-Level Topology: Three Data Sources and One Definitive Metric
We calculate an extensive set of characteristics for Internet AS topologies
extracted from the three data sources most frequently used by the research
community: traceroutes, BGP, and WHOIS. We discover that traceroute and BGP
topologies are similar to one another but differ substantially from the WHOIS
topology. Among the widely considered metrics, we find that the joint degree
distribution appears to fundamentally characterize Internet AS topologies as
well as narrowly define values for other important metrics. We discuss the
interplay between the specifics of the three data collection mechanisms and the
resulting topology views. In particular, we show how the data collection
peculiarities explain differences in the resulting joint degree distributions
of the respective topologies. Finally, we release to the community the input
topology datasets, along with the scripts and output of our calculations. This
supplement should enable researchers to validate their models against real data
and to make more informed selection of topology data sources for their specific
needs.Comment: This paper is a revised journal version of cs.NI/050803
Beyond Node Degree: Evaluating AS Topology Models
This is the accepted version of 'Beyond Node Degree: Evaluating AS Topology Models', archived originally at arXiv:0807.2023v1 [cs.NI] 13 July 2008.Many models have been proposed to generate Internet Autonomous System (AS) topologies, most of which make structural assumptions about the AS graph. In this paper we compare AS topology generation models with several observed AS topologies. In contrast to most previous works, we avoid making assumptions about which topological properties are important to characterize the AS topology. Our analysis shows that, although matching degree-based properties, the existing AS topology generation models fail to capture the complexity of the local interconnection structure between ASs. Furthermore, we use BGP data from multiple vantage points to show that additional measurement locations significantly affect local structure properties, such as clustering and node centrality. Degree-based properties, however, are not notably affected by additional measurements locations. These observations are particularly valid in the core. The shortcomings of AS topology generation models stems from an underestimation of the complexity of the connectivity in the core caused by inappropriate use of BGP data
Asymmetry and Discrimination in Internet Peering Evidence from the LINX
Is the quality of interconnection between Internet operators affected by their asymmetry? While recent game theoretic literature provides contrasting answers to this question, there is a lack of empirical research. We introduce a novel dataset based on Internet routing policies, and study the interconnection decisions amongst the Internet Service Providers (ISPs) members of the London Internet Exchange Point (LINX). Our results show that interconnection quality degradation can be significantly explained by asymmetry between providers. We also show that Competition Authorities should focus more on the role played by the ĂąâŹĆcentrality of an operatorĂąâŹ, rather than on its market share.Internet Peering, Two-sided Markets, Network Industries, Antitrust, Net Neutrality
âUnfairâ Discrimination in Two-sided Peering? Evidence from LINX
âUnfairâ Discrimination in Two-sided Peering? Evidence from LINX
Abstract: Does asymmetry between Internet Providers affect the âfairnessâ of their interconnection contracts?
While recent game theoretic literature provides contrasting answers to this question, there is a lack of empirical research.
We introduce a novel dataset on micro-interconnection policies and provide an econometric analysis of the determinants
of peering decisions amongst the Internet Service Providers interconnecting at the London Internet Exchange Point (LINX).
Our key result shows that two different metrics, introduced to capture asymmetry, exert opposite effects. Asymmetry in
âmarket sizeâ enhances the quality of the link, while asymmetry in ânetwork centralityâ induces quality degradation, hence
âunfairerâ interconnection conditions
Inferring AS Relationships: Dead End or Lively Beginning?
Recent techniques for inferring business relationships between ASs have
yielded maps that have extremely few invalid BGP paths in the terminology of
Gao. However, some relationships inferred by these newer algorithms are
incorrect, leading to the deduction of unrealistic AS hierarchies. We
investigate this problem and discover what causes it. Having obtained such
insight, we generalize the problem of AS relationship inference as a
multiobjective optimization problem with node-degree-based corrections to the
original objective function of minimizing the number of invalid paths. We solve
the generalized version of the problem using the semidefinite programming
relaxation of the MAX2SAT problem. Keeping the number of invalid paths small,
we obtain a more veracious solution than that yielded by recent heuristics
K-core decomposition of Internet graphs: hierarchies, self-similarity and measurement biases
We consider the -core decomposition of network models and Internet graphs
at the autonomous system (AS) level. The -core analysis allows to
characterize networks beyond the degree distribution and uncover structural
properties and hierarchies due to the specific architecture of the system. We
compare the -core structure obtained for AS graphs with those of several
network models and discuss the differences and similarities with the real
Internet architecture. The presence of biases and the incompleteness of the
real maps are discussed and their effect on the -core analysis is assessed
with numerical experiments simulating biased exploration on a wide range of
network models. We find that the -core analysis provides an interesting
characterization of the fluctuations and incompleteness of maps as well as
information helping to discriminate the original underlying structure
Characterizing the IoT ecosystem at scale
Internet of Things (IoT) devices are extremely popular with home, business, and industrial users. To provide their services, they typically rely on a backend server in- frastructure on the Internet, which collectively form the IoT Ecosystem. This ecosys- tem is rapidly growing and offers users an increasing number of services. It also has been a source and target of significant security and privacy risks. One notable exam- ple is the recent large-scale coordinated global attacks, like Mirai, which disrupted large service providers. Thus, characterizing this ecosystem yields insights that help end-users, network operators, policymakers, and researchers better understand it, obtain a detailed view, and keep track of its evolution. In addition, they can use these insights to inform their decision-making process for mitigating this ecosystemâs security and privacy risks. In this dissertation, we characterize the IoT ecosystem at scale by (i) detecting the IoT devices in the wild, (ii) conducting a case study to measure how deployed IoT devices can affect usersâ privacy, and (iii) detecting and measuring the IoT backend infrastructure. To conduct our studies, we collaborated with a large European Internet Service Provider (ISP) and a major European Internet eXchange Point (IXP). They rou- tinely collect large volumes of passive, sampled data, e.g., NetFlow and IPFIX, for their operational purposes. These data sources help providers obtain insights about their networks, and we used them to characterize the IoT ecosystem at scale. We start with IoT devices and study how to track and trace their activity in the wild. We developed and evaluated a scalable methodology to accurately detect and monitor IoT devices with limited, sparsely sampled data in the ISP and IXP. Next, we conduct a case study to measure how a myriad of deployed devices can affect the privacy of ISP subscribers. Unfortunately, we found that the privacy of a substantial fraction of IPv6 end-users is at risk. We noticed that a single device at home that encodes its MAC address into the IPv6 address could be utilized as a tracking identifier for the entire end-user prefixâeven if other devices use IPv6 privacy extensions. Our results showed that IoT devices contribute the most to this privacy leakage. Finally, we focus on the backend server infrastructure and propose a methodology to identify and locate IoT backend servers operated by cloud services and IoT vendors. We analyzed their IoT traffic patterns as observed in the ISP. Our analysis sheds light on their diverse operational and deployment strategies. The need for issuing a priori unknown network-wide queries against large volumes of network flow capture data, which we used in our studies, motivated us to develop Flowyager. It is a system built on top of existing traffic capture utilities, and it relies on flow summarization techniques to reduce (i) the storage and transfer cost of flow captures and (ii) query response time. We deployed a prototype of Flowyager at both the IXP and ISP.Internet-of-Things-GerĂ€te (IoT) sind aus vielen Haushalten, BĂŒrorĂ€umen und In- dustrieanlagen nicht mehr wegzudenken. Um ihre Dienste zu erbringen, nutzen IoT- GerĂ€te typischerweise auf eine Backend-Server-Infrastruktur im Internet, welche als Gesamtheit das IoT-Ăkosystem bildet. Dieses Ăkosystem wĂ€chst rapide an und bie- tet den Nutzern immer mehr Dienste an. Das IoT-Ăkosystem ist jedoch sowohl eine Quelle als auch ein Ziel von signifikanten Risiken fĂŒr die Sicherheit und PrivatsphĂ€re. Ein bemerkenswertes Beispiel sind die jĂŒngsten groĂ angelegten, koordinierten globa- len Angriffe wie Mirai, durch die groĂe Diensteanbieter gestört haben. Deshalb ist es wichtig, dieses Ăkosystem zu charakterisieren, eine ganzheitliche Sicht zu bekommen und die Entwicklung zu verfolgen, damit Forscher, EntscheidungstrĂ€ger, Endnutzer und Netzwerkbetreibern Einblicke und ein besseres VerstĂ€ndnis erlangen. AuĂerdem können alle Teilnehmer des Ăkosystems diese Erkenntnisse nutzen, um ihre Entschei- dungsprozesse zur Verhinderung von Sicherheits- und PrivatsphĂ€rerisiken zu verbes- sern. In dieser Dissertation charakterisieren wir die Gesamtheit des IoT-Ăkosystems indem wir (i) IoT-GerĂ€te im Internet detektieren, (ii) eine Fallstudie zum Einfluss von benutzten IoT-GerĂ€ten auf die PrivatsphĂ€re von Nutzern durchfĂŒhren und (iii) die IoT-Backend-Infrastruktur aufdecken und vermessen. Um unsere Studien durchzufĂŒhren, arbeiten wir mit einem groĂen europĂ€ischen Internet- Service-Provider (ISP) und einem groĂen europĂ€ischen Internet-Exchange-Point (IXP) zusammen. Diese sammeln routinemĂ€Ăig fĂŒr operative Zwecke groĂe Mengen an pas- siven gesampelten Daten (z.B. als NetFlow oder IPFIX). Diese Datenquellen helfen Netzwerkbetreibern Einblicke in ihre Netzwerke zu erlangen und wir verwendeten sie, um das IoT-Ăkosystem ganzheitlich zu charakterisieren. Wir beginnen unsere Analysen mit IoT-GerĂ€ten und untersuchen, wie diese im Inter- net aufgespĂŒrt und verfolgt werden können. Dazu entwickelten und evaluierten wir eine skalierbare Methodik, um IoT-GerĂ€te mit Hilfe von eingeschrĂ€nkten gesampelten Daten des ISPs und IXPs prĂ€zise erkennen und beobachten können. Als NĂ€chstes fĂŒhren wir eine Fallstudie durch, in der wir messen, wie eine Unzahl von eingesetzten GerĂ€ten die PrivatsphĂ€re von ISP-Nutzern beeinflussen kann. Lei- der fanden wir heraus, dass die PrivatsphĂ€re eines substantiellen Teils von IPv6- Endnutzern bedroht ist. Wir entdeckten, dass bereits ein einzelnes GerĂ€t im Haus, welches seine MAC-Adresse in die IPv6-Adresse kodiert, als Tracking-Identifikator fĂŒr das gesamte Endnutzer-PrĂ€fix missbraucht werden kann â auch wenn andere GerĂ€te IPv6-Privacy-Extensions verwenden. Unsere Ergebnisse zeigten, dass IoT-GerĂ€te den GroĂteil dieses PrivatsphĂ€re-Verlusts verursachen. AbschlieĂend fokussieren wir uns auf die Backend-Server-Infrastruktur und wir schla- gen eine Methodik zur Identifizierung und Lokalisierung von IoT-Backend-Servern vor, welche von Cloud-Diensten und IoT-Herstellern betrieben wird. Wir analysier- ten Muster im IoT-Verkehr, der vom ISP beobachtet wird. Unsere Analyse gibt Auf- schluss ĂŒber die unterschiedlichen Strategien, wie IoT-Backend-Server betrieben und eingesetzt werden. Die Notwendigkeit a-priori unbekannte netzwerkweite Anfragen an groĂe Mengen von Netzwerk-Flow-Daten zu stellen, welche wir in in unseren Studien verwenden, moti- vierte uns zur Entwicklung von Flowyager. Dies ist ein auf bestehenden Netzwerkverkehrs- Tools aufbauendes System und es stĂŒtzt sich auf die Zusammenfassung von Verkehrs- flĂŒssen, um (i) die Kosten fĂŒr Archivierung und Transfer von Flow-Daten und (ii) die Antwortzeit von Anfragen zu reduzieren. Wir setzten einen Prototypen von Flowyager sowohl im IXP als auch im ISP ein
- âŠ