Investigating the Effectiveness of Stealthy Hijacks against Public Route Collectors : Is AS-Path Prepending Enough to Hide from Public Route Collectors? / Undersökning av effektiviteten hos smygande kapningar mot offentliga ruttinsamlare : Är AS-Path Prepending tillräckligt för att dölja från offentliga ruttinsamlare?

Wang, Kunyu

January 2023

BGP hijacking is a threat to network organizations because traditional BGP protocols were not designed with security in mind. Currently, research to combat hijacking is being done by detecting hijacking in real time from Public Route Collectors. However, by using AS-Path Prepending, a well-known traffic engineering technique, hijackers could adjust the influence scope of hijacks to potentially avoid Public Route Collectors. This thesis investigates fist, whether AS-Path Prepending is sufficient to hide from Public Route Collector, and second whether the hijacker can predict its hijack’s stealthiness by simply comparing the AS path length with the victim. Last, we investigate the non-hijacker-controlled parameters, which are the geographical locations and victim prepending times if the victim also enable AS-Path Prepending for traffic engineering in our study. Our results show that on one hand, AS-Path Prepending benefits stealthy hijacks to route collectors. While on the other hand, it is not sufficient to completely hide from route collectors only using it. By simply comparing the AS paths length, the hijacker’s prediction is constructive but not practical. And non-hijacker-controlled parameters indeed can significantly affect the stealthiness of hijacking. / BGP-kapning är ett hot mot nätverksorganisationer eftersom traditionella BGP-protokoll inte har utformats med säkerheten i åtanke. För närvarande bedrivs forskning för att bekämpa kapning genom att upptäcka kapning i realtid från offentliga ruttinsamlare. Genom att använda AS-Path Prepending, en välkänd trafikteknik, kan kapare dock justera kapningarnas inflytande för att eventuellt undvika offentliga ruttinsamlare. I den här avhandlingen undersöks för det första om AS-Path Prepending är tillräckligt för att dölja sig för Public Route Collector och för det andra om kaparen kan förutsäga hur smygande kapningen är genom att helt enkelt jämföra AS Path-längden med offrets. Slutligen undersöker vi de parametrar som inte kontrolleras av kaparen, dvs. geografiska platser och offrets prependingtider om offret också aktiverar AS-Path Prepending för trafikteknik i vår studie. Våra resultat visar att AS-Path Prepending å ena sidan gynnar smygande kapningar av ruttinsamlare. Å andra sidan räcker det inte för att helt och hållet dölja sig för ruttinsamlare om man bara använder det. Genom att helt enkelt jämföra AS-vägarnas längd är kaparens förutsägelser konstruktiva men inte praktiska. Parametrar som inte kontrolleras av kaparen kan faktiskt påverka kapningens smygande på ett betydande sätt.

BGP

BGP Hijack

Stealthy IP prefix hijacking

AS-Path Prepending

BGP monitoring

BGP

BGP Hijack

Stealthy IP prefix hijacking

AS-Path Prepending

BGP-övervakning

Computer and Information Sciences

Data- och informationsvetenskap

Measuring and Modeling Internet Routing for Realistic Simulations

Dimitropoulos, Christos Xenofontas A.

17 May 2006

The Internet is composed of thousands of diverse networks that exchange routing information using the Border Gateway Protocol (BGP). BGP is one of the most critical protocols of the Internet, since it connects these diverse networks to enable communication between remote domains. Despite its critical nature, BGP suffers from a variety of serious problems, which have triggered substantial research on developing improved versions of BGP and new routing architectures. In this dissertation, we introduce necessary tools and data-mining techniques for analyzing the present routing architecture and for evaluating new routing protocols. We focus on the problem of performing realistic BGP simulations and we first develop a BGP simulator enabling detailed and large-scale BGP simulations. Then, we introduce techniques to collect vital Internet routing data, which are essential in conducting realistic BGP simulations. Finally, we introduce models of the collected data.

Modeling

Topology

Simulation

BGP

Routing

Internet

EXTENDING AND ENHANCING GT-ITM

Namjoshi, Aditya

01 January 2006

GT-ITMis a topology generation tool. Since its release GTITMis widely used in the scientific community for network simulations. GTITM is extended to support routing on its topology. The routing algorithm used for interdomain routing attempts to emulate the BGP routing protocol seen on the internet. It uses a policy file if supplied to make routing decisions. An additional functionality provided with the tool is the ability to automatically generate policy file for large graphs.

GT-ITM|Topology|Routing|Internet|BGP

Algorithms and Models for Problems in Networking

Dinitz, Michael

27 July 2010

Many interesting theoretical problems arise from computer networks. In this thesis we will consider three of them: algorithms and data structures for problems involving distances in networks (in particular compact routing schemes, distance labels, and distance oracles), algorithms for wireless capacity and scheduling problems, and algorithms for optimizing iBGP overlays in autonomous systems on the Internet. While at first glance these problems may seem extremely different, they are similar in that they all attempt to look at a previously studied networking problem in new, more realistic frameworks. In other words, they are all as much about new models for old problems as they are about new algorithms. In this thesis we will define these models, design algorithms for them, and prove hardness and impossibility results for these three types of problems.

Algorithms

Networking

Spanners

Routing

Wireless

Capacity

BGP

Simulační úlohy v NS2 ověřující znalosti protokolů BGP a multicastu / Simulation scenarios in NS2 demonstrating knowledge of BGP and multicast

Sobotka, David

January 2010

Network simulation can be beneficial not only in solving problems while applying new standards or recommendations, but also primarily an aid in understanding and verifying knowledge of behaviour of communications protocols. The aim of the thesis is to create illustrative tasks in the simulation environment, Network Simulator 2 (NS-2), which are designed to verify the behavior of BGP and multicast. Created tasks are above all devoted to BGP, which is the cornerstone of routing information of all IP networks conglomerate, the Internet. The first two tasks designed for BGP use the implementation of ns-BGP and the remaining are based on the implementation of BGP++. The tasks verify both the function of basic attributes of the protocol, influencing the decision making process when routing information (AS_PATH, MED, LOCAL_PREF, WEIGHT), and furthermore the methods or parameters affecting the efficiency of the process of routing and a reduction of excessive network traffic (BGP confederation, routing, aggregation, MRAI). The last task regards multicast, more specifically the type of DM, which is a group of the so-called Dense Mode. The task illustrates how to join/leave groups and spread messages of types GRAFT and PRUNE under a constant data stream.

Laboratorní úlohy v prostředí OPNET pro předmět Pokročilé komunikační techniky / Laboratory exercises in OPNET environment for Advanced communication techniques course

Mikulecký, Miloš

January 2012

The Master´s Thesis describes laboratory exercises for Advanced communication technology subject. Exercises are created in Opnet IT Guru aplication. Each exercise has detailed instructions according to which can be realized whole exercise. Each exercise also contains individual task, where are checked knowledge gained from studies of example exercise. Exercises are based on issues of routing in autonomous systems, protocol BGP, protocols TCP and UDP and issues of QoS in IP networks.

BGP; UDP; QoS; Opnet IT Guru; TCP

Rozbor protokolů CISCO sítí / Protocols Analysis of CISCO Networks

Karlík, Martin

January 2016

ABSTRACT Bc.Karlík, Martin Department of Telecommunications, Faculty of Electrical Engineering and Communication, Brno University of Technology. Analysis of CISCO networking protocols This semestral thesis is focused on CISCO networks and protocols like MPLS, BGP, Ipv4, Ipv6, Multicast – sprase / dense mode. The task was study of those protocols and design and implement lab excercise with one of those protocols by using free network simulator GNS3. In this excercise is used CISCO router 3745.

An online distributed algorithm for inferring policy routing configurations

Epstein, Samuel Randall

22 January 2016

We present an online distributed algorithm, the Causation Logging Algorithm (CLA), in which Autonomous Systems (ASes) in the Internet individually report route oscillations/flaps they experience to a central Internet Routing Registry (IRR). The IRR aggregates these reports and may observe what we call causation chains where each node on the chain caused a route flap at the next node along the chain. A chain may also have a causation cycle. The type of an observed causation chain/cycle allows the IRR to infer the underlying policy routing configuration (i.e. the system of economic relationships and constraints on route/path preferences). Our algorithm is based on a formal policy routing model that captures the propagation dynamics of route flaps under arbitrary changes in topology or path preferences. We derive invariant properties of causation chains/cycles for ASes which conform to economic relationships based on the popular Gao-Rexford model. The Gao-Rexford model is known to be safe in the sense that the system always converges to a stable set of paths under static conditions. Our CLA algorithm recovers the type/property of an observed causation chain of an underlying system and determines whether it conforms to the safe economic Gao-Rexford model. Causes for nonconformity can be diagnosed by comparing the properties of the causation chains with those predicted from different variants of the Gao-Rexford model.

Computer science

BGP

Routing

Stable paths problem

Structure et régulation de la glycogène phosphorylase cérébrale / Structure and regulation of the brain glycogen phosphorylase

Mathieu, Cécile

30 September 2016

La glycogène phosphorylase (GP) est l'enzyme clé de la mobilisation du glycogène dans les cellules. Chez l'homme, cette enzyme est retrouvée sous trois isoformes dont une cérébrale (GPc). Ces trois enzymes allostériques sont régulées à la fois par fixation d'effecteurs, et par phosphorylation. Cependant, bien que très similaires, la GPc présentent des caractéristiques de régulation qui lui sont propres. Par ailleurs, la GPc possède dans sa séquence plusieurs résidus cystéines réactifs suggérant que celle-ci peut être soumise à une régulation par les espèces réactives de l'oxygène (EROs). L'objectif de ce travail a donc été d'étudier les mécanismes moléculaires et cellulaires de la régulation de la GPc. Dans un premier temps, nous avons déterminé la structure de la GPc jusqu'à présent inconnue. Ces analyses ont permis de mettre en évidence les bases structurales de la régulation de la GPc par ses effecteurs allostériques. Nous nous sommes ensuite intéressés à la régulation de cette enzyme par le H2O2. Grâce à des approches de biochimie et de biologie cellulaire, nous avons montré que le H2O2 induit la formation d'un pont disulfure intramoléculaire au niveau du site de fixation de l'AMP, empêchant l'activation de cette enzyme par son effecteur allostérique. Cette régulation, spécifique de la GPc, permet un contrôle de la glycogénolyse par phosphorylation uniquement, en condition oxydante. Enfin, nous avons mis en évidence la capacité de composés environnementaux électrophiles (pesticides) à détourner la régulation redox de la GPc, conduisant à une altération du métabolisme du glycogène et pouvant ainsi participer au développement de pathologies neurodégénératives / Glycogen phosphorylase (GP) is the key enzyme for glycogen mobilization in cells. I human, this enzyme is found as three isoforms : liver GP (lGP), muscle GP (mGP) and brain GP (bGP). These three enzymes are allosteric enzymes, regulated by both the binding of allosteric effectors and phosphorylation. However, despite GPs are highly similar, bGP display distinguishing features. In addition, highly reactive cysteine residues are found in the primary sequence of bGP, suggesting that this enzyme might be regulated by reactive oxygen species (ROS). As a consequence, we investigated the molecular and cellular regulation of the bGP. First, we determined the crystal structure of this enzyme, so far unknown. These data revealed the structural bases of bGP regulation by its allosteric effectors, leading to the activation and the inactivation of the enzyme. We then focused on the regulation of bGP by H2O2, a model of ROS. Using biochemical and cellular approaches, we showed that H2O2 induces the formation of an intramolecular disulfide bond in the AMP binding site of the enzyme, avoiding its regulation by the allosteric effectors, without affecting its regulation by phosphorylation. Under oxidative condition, this regulation, unique to the brain form of GP, allows a control of the glycogenolysis through phosphorylation only. Finally, we demonstrated that electrophilic compounds from the environment (pesticides) might divert the redox regulation of bGP, leading to the alteration of glycogen metabolism which could participate to the development of neurodegenerative diseases

Fonctions cérébrales

GPc

Brain functions

BGP

Virtualization and Distribution of the BGP Control Plane / Virtualisation et distribution du plan de contrôle BGP

Oprescu, Mihaela Iuniana

18 October 2012

L'Internet est organisé sous la forme d'une multitude de réseaux appelés Systèmes Autonomes (AS). Le Border Gateway Protocol (BGP) est le langage commun qui permet à ces domaines administratifs de s'interconnecter. Grâce à BGP, deux utilisateurs situés n'importe où dans le monde peuvent communiquer, car ce protocole est responsable de la propagation des messages de routage entre tous les réseaux voisins. Afin de répondre aux nouvelles exigences, BGP a dû s'améliorer et évoluer à travers des extensions fréquentes et de nouvelles architectures. Dans la version d'origine, il était indispensable que chaque routeur maintienne une session avec tous les autres routeurs du réseau. Cette contrainte a soulevé des problèmes de scalabilité, puisque le maillage complet des sessions BGP internes (iBGP) était devenu difficile à réaliser dans les grands réseaux. Pour couvrir ce besoin de connectivité, les opérateurs de réseaux font appel à la réflection de routes (RR) et aux confédérations. Mais si elles résolvent un problème de scalabilité, ces deux solutions ont soulevé des nouveaux défis car elles sont accompagnées de multiples défauts; la perte de diversité des routes candidates au processus de sélection BGP ou des anomalies comme par exemple des oscillations de routage, des déflections et des boucles en font partie. Les travaux menés dans cette thèse se concentrent sur oBGP, une nouvelle architecture pour redistribuer les routes externes à l'intérieur d'un AS. `A la place des classiques sessions iBGP, un réseau de type overlay est responsable (I) de l'´echange d'informations de routage avec les autres AS, (II) du stockage distribué des routes internes et externes, (III) de l'application de la politique de routage au niveau de l'AS et (IV) du calcul et de la redistribution des meilleures routes vers les destinations de l'Internet pour tous les routeurs clients présents dans l'AS / The Internet is organized as a collection of networks called Autonomous Systems (ASes). The Border Gateway Protocol (BGP) is the glue that connects these administrative domains. Communication is thus possible between users worldwide and each network is responsible of sharing reachability information to peers through BGP. Protocol extensions are periodically added because the intended use and design of BGP no longer fit the current demands. Scalability concerns make the required internal BGP (iBGP) full mesh difficult to achieve in today's large networks and therefore network operators resort to confederations or Route Reflectors (RRs) to achieve full connectivity. These two options come with a set of flaws of their own such as route diversity loss, persistent routing oscillations, deflections, forwarding loops etc. In this dissertation we present oBGP, a new architecture for the redistribution of external routes inside an AS. Instead of relying on the usual statically configured set of iBGP sessions, we propose to use an overlay of routing instances that are collectively responsible for (I) the exchange of routes with other ASes, (II) the storage of internal and external routes, (III) the storage of the entire routing policy configuration of the AS and (IV) the computation and redistribution of the best routes towards Internet destinations to each client router in the AS

Routage

Architecture

Bgp

Virtualisation

Passage à l'échelle

Routing

Architecture

Scalability

Bgp

Virtualization