Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking

Information-centric networking proposals attract much attention in the ongoing search for a future communication paradigm of the Internet. Replacing the host-to-host connectivity by a data-oriented publish/subscribe service eases content distribution and authentication by concept, while eliminating threats from unwanted traffic at an end host as are common in today's Internet. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, threats to the stability and security of the content distribution system are analyzed in theory and practical experiments. We derive relations between state resources and the performance of routers and demonstrate how this coupling can be misused in practice. We discuss new attack vectors present in its current state of development, as well as possibilities and limitations to mitigate them.Comment: 15 page

Internet routing paths stability model and relation to forwarding paths

Analysis of real datasets to characterize the local stability properties of the Internet routing paths suggests that extending the route selection criteria to account for such property would not increase the routing path length. Nevertheless, even if selecting a more stable routing path could be considered as valuable from a routing perspective, it does not necessarily imply that the associated forwarding path would be more stable. Hence, if the dynamics of the Internet routing and forwarding system show different properties, then one can not straightforwardly derive the one from the other. If this assumption is verified, then the relationship between the stability of the forwarding path (followed by the traffic) and the corresponding routing path as selected by the path-vector routing algorithm requires further characterization. For this purpose, we locally relate, i.e., at the router level, the stability properties of routing path with the corresponding forwarding path. The proposed stability model and measurement results verify this assumption and show that, although the main cause of instability results from the forwarding plane, a second order effect relates forwarding and routing path instability events. This observation provides the first indication that differential stability can safely be taken into account as part of the route selection process

On Compact Routing for the Internet

While there exist compact routing schemes designed for grids, trees, and Internet-like topologies that offer routing tables of sizes that scale logarithmically with the network size, we demonstrate in this paper that in view of recent results in compact routing research, such logarithmic scaling on Internet-like topologies is fundamentally impossible in the presence of topology dynamics or topology-independent (flat) addressing. We use analytic arguments to show that the number of routing control messages per topology change cannot scale better than linearly on Internet-like topologies. We also employ simulations to confirm that logarithmic routing table size scaling gets broken by topology-independent addressing, a cornerstone of popular locator-identifier split proposals aiming at improving routing scaling in the presence of network topology dynamics or host mobility. These pessimistic findings lead us to the conclusion that a fundamental re-examination of assumptions behind routing models and abstractions is needed in order to find a routing architecture that would be able to scale ``indefinitely.''Comment: This is a significantly revised, journal version of cs/050802

Stellar: Network Attack Mitigation using Advanced Blackholing

© ACM 2018. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the 14th International Conference on Emerging Networking EXperiments and Technologies - CoNEXT ’18, http://dx.doi.org/10.1145/3281411.3281413.Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a devastating impact on the targeted companies/governments. Over the years, mitigation techniques, ranging from blackholing to policy-based filtering at routers, and on to traffic scrubbing, have been added to the network operator’s toolbox. Even though these mitigation techniques pro- vide some protection, they either yield severe collateral damage, e.g., dropping legitimate traffic (blackholing), are cost-intensive, or do not scale well for Tbps level attacks (ACL filltering, traffic scrubbing), or require cooperation and sharing of resources (Flowspec). In this paper, we propose Advanced Blackholing and its system realization Stellar. Advanced blackholing builds upon the scalability of blackholing while limiting collateral damage by increasing its granularity. Moreover, Stellar reduces the required level of cooperation to enhance mitigation effectiveness. We show that fine-grained blackholing can be realized, e.g., at a major IXP, by combining available hardware filters with novel signaling mechanisms. We evaluate the scalability and performance of Stellar at a large IXP that interconnects more than 800 networks, exchanges more than 6 Tbps tra c, and witnesses many network attacks every day. Our results show that network attacks, e.g., DDoS amplification attacks, can be successfully mitigated while the networks and services under attack continue to operate untroubled.EC/H2020/679158/EU/Resolving the Tussle in the Internet: Mapping, Architecture, and Policy Making/ResolutioNetDFG, FE 570/4-1, Gottfried Wilhelm Leibniz-Preis 201

Analysis of Effects of BGP Black Hole Routing on a Network like the NIPRNET

The Department of Defense (DoD) relies heavily on the Non-secure Internet Protocol Router Network (NIPRNET) to exchange information freely between departments, services, bases, posts, and ships. The NIPRNET is vulnerable to various attacks, to include physical and cyber attacks. One of the most frequently used cyber attacks by criminally motivated hackers is a Distributed Denial of Service (DDoS) attack. DDoS attacks can be used to exhaust network bandwidth and router processing capabilities, and as a leveraging tool for extortion. Border Gateway Protocol (BGP) black hole routing is a responsive defensive network technique for mitigating DDoS attacks. BGP black hole routing directs traffic destined to an Internet address under attack to a null address, essentially stopping the DDoS attack by dropping all traffic to the targeted system. This research examines the ability of BGP black hole routing to effectively defend a network like the NIPRNET from a DDoS attack, as well as examining two different techniques for triggering BGP black hole routing during a DDoS attack. This thesis presents experiments with three different DDoS attack scenarios to determine the effectiveness of BGP black hole routing. Remote-triggered black hole routing is then compared against customer-triggered black hole routing to examine how well each technique reacts under a DDoS attack. The results from this study show BGP black hole routing to be highly successful. It also shows that remote-triggered black hole routing is much more effective than customer-triggered

Vintage Capital and the Dynamics of the AK Model

This paper analyzes the equilibrium dynamics of an AK-type endogenous growth model with vintage capital. The inclusion of vintage capital leads to oscillatory dynamics governed by replacement echoes, which additionally influence the intercept of the balanced growth path. These features, which are in sharp contrast to those from the standard AK model, can contribute to explaining the short-run deviations observed between investment and growth rates time series. To characterize the convergence properties and the dynamics of the model we develop analytical and numerical methods that should be of interest for the general resolution of endogenous growth models with vintage capital.