
    Wide-Area IP Network Mobility


    Distributed Internet security and measurement

    The Internet has developed into an important economic, military, academic, and social resource. It is a complex network composed of tens of thousands of independently operated networks, called Autonomous Systems (ASes). A significant strength of the Internet's design, one which enabled its rapid growth in users and bandwidth, is that its underlying protocols (such as IP, TCP, and BGP) are distributed. Users and networks alike can attach to and detach from the Internet at will without causing major disruptions to global connectivity. This dissertation shows that the Internet's distributed, and often redundant, structure can be exploited to increase the security of its protocols, particularly BGP (the Internet's interdomain routing protocol). It introduces Pretty Good BGP, an anomaly detection protocol coupled with an automated response that can protect individual networks from BGP attacks. It also presents statistical measurements of the Internet's structure and uses them to create a model of Internet growth. This work could be used, for instance, to test upcoming routing protocols on ensembles of large, Internet-like graphs. Finally, this dissertation shows that while the Internet is designed to be agnostic to political influence, it is in fact quite centralized at the country level. With the recent rise in country-level Internet policies, such as nation-wide censorship and warrantless wiretaps, this centralized control could have a significant impact on international reachability.

    BGP Security in Partial Deployment: Is the Juice Worth the Squeeze?

    As the rollout of secure route origin authentication with the RPKI slowly gains traction among network operators, there is a push to standardize secure path validation for BGP (i.e., S*BGP: S-BGP, soBGP, BGPSEC, etc.). Origin authentication already does much to improve routing security. Moreover, the transition to S*BGP is expected to be long and slow, with S*BGP coexisting in "partial deployment" alongside BGP for a long time. We therefore use theoretical and experimental approaches to study the security benefits provided by partially-deployed S*BGP, vis-a-vis those already provided by origin authentication. Because routing policies have a profound impact on routing security, we use a survey of 100 network operators to find the policies that are likely to be most popular during partial S*BGP deployment. We find that S*BGP provides only meagre benefits over origin authentication when these popular policies are used. We also study the security benefits of other routing policies, provide prescriptive guidelines for partially-deployed S*BGP, and show how interactions between S*BGP and BGP can introduce new vulnerabilities into the routing system.

    Robust routing under dynamic traffic demands

    In order to provide reliable service with reasonable quality, the network operator must manage the traffic flows in the core network. Traffic management is carried out through the routing function. In traditional traffic management the operator tunes routing parameters to steer traffic, but traditional routing methods are not designed to handle sudden fluctuations in traffic; the result can be congestion in some parts of the core network while other parts remain underutilized. In this thesis we explore issues related to routing robustness in the face of traffic demand variations. We investigate different routing methods for efficient routing, using maximum link utilization (MLU) as the performance metric. The primary advantage of link utilization is that it is easy to compute on both real network data and synthetic data; since overloaded links degrade Quality of Service (larger packet delay, packet losses, etc.), MLU is a useful measure of network performance. For the experiments we use unique data from a real operational network available in the public domain, together with random data for large topology instances. We further propose a simple routing algorithm, the Robust Routing Technique (RRT), that implements a robust routing mechanism. This mechanism allows the operator to satisfy networking goals such as load balancing and routing robustness to a range of traffic demand matrices, to link failures, and to traffic changes caused by uncertain demands. Simulation experiments with real and random topologies demonstrate that the routing solution is simple (for routing) and flexible (for forwarding). The k-shortest-path implementation in RRT can be extended to Multi Protocol Label Switching. Finally, we evaluate the performance of robust routing under dynamic traffic demands. We formulate the problem as a multi-commodity flow problem using linear programming and use the congestion ratio to define robust routing performance. We provide a variant of the existing robust routing mechanisms by modelling the traffic demand caused by Distributed Denial of Service attacks or worms. Simulation results are compared with the popular OSPF traffic engineering algorithm to demonstrate the effectiveness of the proposed routing scheme.

    Future Internet Routing Design for Massive Failures and Attacks

    Given the high complexity and increasing traffic load of the Internet, geo-correlated challenges caused by large-scale disasters or malicious attacks pose a significant threat to dependable network communications. To understand their characteristics, we propose a critical-region identification mechanism and incorporate its result into a new graph resilience metric, compensated Total Geographical Graph Diversity. Our metric is capable of characterizing and differentiating resilience levels for different physical topologies. We further analyze the mechanisms attackers could exploit to maximize damage and demonstrate the effectiveness of a network restoration plan. Based on the geodiversity in topologies, we present the path geodiverse problem and two heuristics that solve it more efficiently than the optimal algorithm. We propose the flow geodiverse problem and two optimization formulations to study the tradeoff among cost, end-to-end delay, and path skew with multipath forwarding. We further integrate the solutions to the above models into our cross-layer resilient protocol stack, ResTP–GeoDivRP. Our protocol stack is prototyped and implemented in the network simulator ns-3 and emulated in our KanREN testbed. By providing multiple GeoPaths, our protocol stack achieves better path restoration performance than Multipath TCP.

    State of the art in Wireless Mesh Networks - deliverable L3.01 - RNRT project "Airnet"

    This deliverable presents a state of the art on management-related issues in Wireless Mesh Networks. We describe existing work focusing on the five functional domains of the management plane: fault management, configuration management, accounting, performance, and security.

    Smart routing: towards proactive fault handling of software-defined networks

    In recent years, the emerging paradigm of software-defined networking has become a hot and thriving topic in both the industrial and academic sectors. Software-defined networking offers numerous benefits over legacy networking systems by simplifying network management and reducing the cost of network configuration. Currently, data plane fault management is limited to two mechanisms, proactive and reactive. Both of these fault management and recovery techniques are activated only after a failure has occurred, so packet loss is highly likely: during the convergence time, new network paths must be allocated to forward the affected traffic rather than drop it. Such convergence leads to temporary service disruption and unavailability. In practice, convergence is affected not only by the speed of the recovery mechanism but also by the delay of the failure detection process. In this paper, we define a new approach to data plane fault management in software-defined networks whose goal is to eliminate the convergence process altogether rather than to accelerate failure detection and recovery. We propose a new framework, called Smart Routing, which allows the network controller to receive forewarning signs of failures and hence avoid risky paths before the failure incidents occur. The proposed approach aims to decrease service disruption, which in turn increases network service availability. We validate our framework through a set of experiments that demonstrate how the underlying model runs and its impact on improving service availability. As examples of the framework's applicability, we use three types of topologies covering both real and simulated networks.