355 research outputs found

    Distributed Internet security and measurement

    The Internet has developed into an important economic, military, academic, and social resource. It is a complex network, comprised of tens of thousands of independently operated networks, called Autonomous Systems (ASes). A significant strength of the Internet's design, one which enabled its rapid growth in terms of users and bandwidth, is that its underlying protocols (such as IP, TCP, and BGP) are distributed. Users and networks alike can attach to and detach from the Internet at will, without causing major disruptions to global Internet connectivity. This dissertation shows that the Internet's distributed and often redundant structure can be exploited to increase the security of its protocols, particularly BGP (the Internet's interdomain routing protocol). It introduces Pretty Good BGP, an anomaly detection protocol coupled with an automated response that can protect individual networks from BGP attacks. It also presents statistical measurements of the Internet's structure and uses them to create a model of Internet growth. This work could be used, for instance, to test upcoming routing protocols on an ensemble of large, Internet-like graphs. Finally, this dissertation shows that while the Internet is designed to be agnostic to political influence, it is actually quite centralized at the country level. With the recent rise in country-level Internet policies, such as nation-wide censorship and warrantless wiretaps, this centralized control could have a significant impact on international reachability.

    Guide des procédures administratives concernant les infrastructures de l'Internet (Guide to administrative procedures concerning Internet infrastructure)

    5 pages (English), 22 pages (Spanish), 6 pages (French). This document describes the administrative procedures for countries (or networks) seeking to connect to the global Internet. These include the steps and operations necessary for address space allocation and registration, routing database registration, and domain name registration. It also indicates where to find the required forms and gives instructions on how to complete them.

    Bandwidth is Political: Reachability in the Public Internet


    AS-level topology collection through looking glass servers

    While accurate and complete modeling of the Internet topology at the Autonomous System (AS) level is critical for future protocol design, performance evaluation, simulation and analysis, constructing an accurate representation of it remains a challenge. In this paper, we collect BGP route announcements of ASes from Looking Glass (LG) servers. By querying LG servers, we build an AS topology estimate of around 116 K AS links, from which we discover 11 K new AS links and 686 new ASes. We conclude that collecting BGP traces from LG servers can help enhance the current view of the AS topology from the BGP collector projects (e.g., RouteViews).

    Measuring Effectiveness of Address Schemes for AS-level Graphs

    This dissertation presents measures of efficiency and locality for Internet addressing schemes. Historically speaking, many issues faced by the Internet have been solved just in time, to make the Internet "just work" [justWork]. Consensus, however, has been reached that today's Internet routing and addressing system is facing serious scaling problems: multi-homing, which causes finer granularity of routing policies and finer control to realize various traffic engineering requirements; an increased demand for provider-independent prefix allocations, which injects unaggregatable prefixes into the Default Free Zone (DFZ) routing table; and an ever-increasing Internet user population and number of mobile edge devices. As a result, the DFZ routing table is again growing at an exponential rate. Hierarchical, topology-based addressing has long been considered crucial to routing and forwarding scalability. Recently, however, a number of research efforts are considering alternatives to this traditional approach. With the goal of informing such research, we investigated the efficiency of address assignment in the existing (IPv4) Internet. In particular, we ask the question: "how can we measure the locality of an address scheme given an input AS-level graph?" To do so, we first define a notion of efficiency or locality based on the average number of bit-hops required to advertise all prefixes in the Internet. In order to quantify how far from "optimal" the current Internet is, we assign prefixes to ASes "from scratch" in a manner that preserves observed semantics, using three increasingly strict definitions of equivalence. Next we propose another metric that in some sense quantifies the "efficiency" of the labeling and is independent of forwarding/routing mechanisms. We validate the effectiveness of the metric by applying it to a series of address schemes with increasing randomness given an input AS-level graph. After that we apply the metric to the current Internet address scheme across years and compare the results with those of compact routing schemes.

    Internet Interconnection Ecosystem in Finland

    For both fixed and mobile network operators, interconnection constitutes an indisputably key element in providing end users with a variety of services. Internet interconnection is a particularly intriguing subject due to the importance of the Internet in our everyday lives and our genuine curiosity to grasp its underlying structure. This thesis aims to provide a holistic approach to studying Internet interconnections from a nation-centric stance. To accomplish this objective, a method that breaks down the key features of interconnection analysis is first introduced. The nation-centric analysis is conducted for Finland by jointly utilizing Internet registry data and collected Internet routing data. Covering the last decade of the Finnish Internet, the longitudinal analysis yields significant findings on Internet address usage statistics and the level of multi-homed networks, along with the classification and inference of relationships between stakeholders in the interconnection ecosystem. The implications that emerging interconnection models pose for future global service delivery across both fixed and mobile networks are expounded from the perspective of existing domestic interconnection practices. The longitudinal interconnectivity study allows us to comprehend both the technical and business interfaces between market players by revealing a complete list of customer-provider relationships. Within a national milieu, the assessment of current Internet market dynamics and the future implications of emerging models can be considered in a more rationally anticipated manner. Hence, authorities who wish to design new pricing schemes and policies for future network interconnections can be guided more thoroughly.

    Improving the accuracy of spoofed traffic inference in inter-domain traffic

    Ascertaining that a network will forward spoofed traffic usually requires an active probing vantage point in that network, effectively preventing a comprehensive view of this global Internet vulnerability. We argue that broader visibility into the spoofing problem may lie in the capability to infer lack of Source Address Validation (SAV) compliance from large, heavily aggregated Internet traffic data, such as traffic observable at Internet Exchange Points (IXPs). The key idea is to use IXPs as observatories to detect spoofed packets, by leveraging Autonomous System (AS) topology knowledge extracted from Border Gateway Protocol (BGP) data to infer which source addresses should legitimately appear across parts of the IXP switch fabric. In this thesis, we demonstrate that the existing literature does not capture several fundamental challenges to this approach, including noise in BGP data sources, heuristic AS relationship inference, and idiosyncrasies in IXP interconnectivity fabrics. We propose Spoofer-IX, a novel methodology to navigate these challenges, leveraging Customer Cone semantics of AS relationships to guide precise classification of inter-domain traffic as In-cone, Out-of-cone (spoofed), Unverifiable, Bogon, and Unassigned. We apply our methodology in an extensive analysis of real traffic data from two distinct IXPs in Brazil, a mid-size and a large-size infrastructure. In the mid-size IXP, with more than 200 members, we find an upper bound on the volume of Out-of-cone traffic that is more than an order of magnitude less than what the previous method inferred on the same data, revealing the practical importance of Customer Cone semantics in such analysis. We also found no significant improvement in the deployment of SAV in networks using the mid-size IXP between 2017 and 2019. In the hope that our methods and tools generalize to use by other IXPs that want to avoid use of their infrastructure for launching spoofed-source DoS attacks, we explore the feasibility of scaling the system to larger and more diverse IXP infrastructures. To promote this goal, and broad replicability of our results, we make the source code of Spoofer-IX publicly available. This thesis illustrates the subtleties of scientific assessments of operational Internet infrastructure, and the need for a community focus on reproducing and repeating previous methods.

    Systems for characterizing Internet routing

    2018 Spring. Includes bibliographical references. Today the Internet plays a critical role in our lives; we rely on it for communication, business, and more recently, smart home operations. Users expect high performance and availability from the Internet. To meet such high demands, all Internet components, including routing, must operate at peak efficiency. However, events that hamper the Internet's routing system are very common, causing millions of dollars of financial loss, traffic exposed to attacks, or even loss of national connectivity. Moreover, there is sparse real-time detection and reporting of such events for the public. A key challenge in addressing such issues is the lack of a methodology to study, evaluate and characterize Internet connectivity. While many autonomously operated networks have made the Internet robust, the complexity of understanding how users interconnect, interact and retrieve content has also increased. Characterizing how data is routed, measuring dependency on external networks, and detecting outages quickly have become essential, using public measurement infrastructures and data sources. From a regulatory standpoint, there is an immediate need for systems to detect and report routing events where a content provider's routing policies may run afoul of state policies. In this dissertation, we design, build and evaluate systems that leverage existing infrastructure and report routing events in near-real time. In particular, we focus on geographic routing anomalies (i.e., detours), routing failures (i.e., outages), and measuring structural changes in routing policies.

    Technologies, routing policies and relationships between autonomous systems in inter-domain routing

    A deep exploration of the issues related to routing decisions in inter-domain routing is the scope of this thesis. It analyzes the interconnection structure and the network hierarchy, examines the inter-domain routing protocol used to exchange network reachability information with other systems, examines the routing decision process between the entities according to their attributes and policies, studies the topology generators of the AS relationships, reviews the most interesting proposals in this area, describes why these issues are difficult to solve, and proposes solutions that allow a better understanding of the routing process and an optimal resolution of the trade-off between implementing a Peering Engagement between two Autonomous Systems and the extra cost that this solution represents. More specifically, this thesis introduces a new scheme for the routing decision in a BGP speaker through a formalization of the routing decision process, and proposes a formulation of a real and exhaustive mathematical model of a Peering Engagement between Autonomous Systems, to be solved as a maximization problem with an ad-hoc built Decision Support System (XESS) able to find an optimal reduced set of solutions to the proposed problem.