Understanding Resiliency of Internet Topology against Prefix Hijack Attacks

Lad, Mohit; Oliveira, Romilde Almeida de; Zhang, Beichuan; Zhang, Lixia

doi:10.1109/dsn.2007.95

Cited by 67 publications

(66 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Recent work on this topic [25], [45], [15], [42] evaluates the proposed solutions by using the inferred AS topologies from the public view. Depending on the exact hijack scenario, an incomplete topology can lead to either an underestimate or overestimate of the hijack impact.…”

Section: Discussionmentioning

confidence: 99%

The (In)Completeness of the Observed Internet AS-level Structure

Oliveira

Pei

Willinger

et al. 2010

IEEE/ACM Trans. Networking

176

View full text Add to dashboard Cite

Abstract-Despite significant efforts to obtain an accurate picture of the Internet's connectivity structure at the level of individual autonomous systems (ASes), much has remained unknown in terms of the quality of the inferred AS maps that have been widely used by the research community. In this paper we assess the quality of the inferred Internet maps through case studies of a sample set of ASes. These case studies allow us to establish the ground truth of connectivity between this set of ASes and their directly connected neighbors. A direct comparison between the ground truth and inferred topology maps yield insights into questions such as which parts of the actual topology are adequately captured by the inferred maps, which parts are missing and why, and what is the percentage of missing links in these parts. This information is critical in assessing, for each class of real-world networking problems, whether the use of currently inferred AS maps or proposed AS topology models is, or is not, appropriate. More importantly, our newly gained insights also point to new directions towards building realistic and economically viable Internet topology maps.

show abstract

Section: Discussionmentioning

confidence: 99%

The (In)Completeness of the Observed Internet AS-level Structure

Oliveira

Pei

Willinger

et al. 2010

IEEE/ACM Trans. Networking

176

View full text Add to dashboard Cite

show abstract

“…Using multiple sources gives also the possibility to benefit from the large number of vantage points they have around the globe. This is important, because a hijacking might affect only a part of the Internet, due to BGP policies and shortest-path routing [12,24].…”

Section: Prefix Hijacking Detection With Artemismentioning

confidence: 99%

Artemis

Chaviaras¹,

Gigis²,

Sermpezis³

et al. 2016

Proceedings of the 2016 ACM SIGCOMM Conference

View full text Add to dashboard Cite

The Border Gateway Protocol (BGP) is globally used by Autonomous Systems (ASes) to establish route paths for IP prefixes in the Internet. Due to the lack of authentication in BGP, an AS can hijack IP prefixes owned by other ASes (i.e., announce illegitimate route paths), impacting thus the Internet routing system and economy. To this end, a number of hijacking detection systems have been proposed. However, existing systems are usually third party services that -inherently-introduce a significant delay between the hijacking detection (by the service) and its mitigation (by the network administrators). To overcome this shortcoming, in this paper, we propose ARTEMIS, a tool that enables an AS to timely detect hijacks on its own prefixes, and automatically proceed to mitigation actions. To evaluate the performance of ARTEMIS, we conduct real hijacking experiments. To our best knowledge, it is the first time that a hijacking detection/mitigation system is evaluated through extensive experiments in the real Internet. Our results (a) show that ARTEMIS can detect (mitigate) a hijack within a few seconds (minutes) after it has been launched, and (b) demonstrate the efficiency of the different control-plane sources used by ARTEMIS, towards monitoring routing changes.

show abstract

“…The Internet was optimized for robustness to physical failures of individual components, and it has proven quite successful in that regard. However, it is fragile to even small soft failures, such as an error in the design of a protocol (as occurred in the early days of the ARPAnet [25]) or a single component that breaks the rules (as with prefix hijacking [26]). …”

Section: Complexity and Robustnessmentioning

confidence: 99%

A taxonomy of biologically inspired research in computer networking

2010

Self Cite

View full text Add to dashboard Cite

a b s t r a c tThe natural world is enormous, dynamic, incredibly diverse, and highly complex. Despite the inherent challenges of surviving in such a world, biological organisms evolve, self-organize, self-repair, navigate, and flourish. Generally, they do so with only local knowledge and without any centralized control. Our computer networks are increasingly facing similar challenges as they grow larger in size, but are yet to be able to achieve the same level of robustness and adaptability. Many research efforts have recognized these parallels, and wondered if there are some lessons to be learned from biological systems. As a result, biologically inspired research in computer networking is a quickly growing field. This article begins by exploring why biology and computer network research are such a natural match. We then present a broad overview of biologically inspired research, grouped by topic, and classified in two ways: by the biological field that inspired each topic, and by the area of networking in which the topic lies. In each case, we elucidate how biological concepts have been most successfully applied. In aggregate, we conclude that research efforts are most successful when they separate biological design from biological implementation -that is to say, when they extract the pertinent principles from the former without imposing the limitations of the latter.

show abstract

Understanding Resiliency of Internet Topology against Prefix Hijack Attacks

Cited by 67 publications

References 13 publications

The (In)Completeness of the Observed Internet AS-level Structure

The (In)Completeness of the Observed Internet AS-level Structure

Artemis

A taxonomy of biologically inspired research in computer networking

Contact Info

Product

Resources

About