Global ETD Search

31	Improving the Quality of Multicast Networks by Using the OPNET Modeler / Förbättra kvaliteten på Multicast-nätverk under OPNET Modeler VIENJIPURAM, KRISHNA KUMARAN, ABDUL, ASMEER BABU January 2010 (has links) This thesis presents different Internet Protocol (IP) multicasting design models and together with their implementation methods in OPNET Modeler 14.5. The models presented in this report are designed for handling various types of advanced multimedia applications and services when using the multicast communication paradigm. The architectural models presented in this thesis are independent of the routing protocols used as well as of the underlying networking environment. Several exiting challenges related to high bandwidth requirements, low network delay, and jitter are discussed together with these design models, and are simulated using the OPNET Modeler. The emerging demands for new multicast capable applications, for both real-time and non real-time traffic are considered together in this report in order to better evaluate multicast traffic requirements. Efficient routing methods, group management policies, and shortest path algorithms are also discussed in the proposed models. The pros and cons of IP multicasting are described using the Protocol Independent Multicast Sparse Mode (PIM-SM) method, in the highlight of the proposed design models. Several results related to link utilization, end-to-end delay, packet loss, PIM control traffic, Internet Group Management Protocol (IGMP), and network convergence are obtained by using already available statistical methods and modules from OPNET Modeler. Our major contribution with this thesis work relates to components associated with network convergence, routing delay, and processing delay. These components are illustrated in this thesis using various OPNET metrics. Moreover, several issues related to protocol scalability, supportability, performance optimization and efficiency are also presented by using OPNET’s build in reports, i.e., executive flow and survivability analysis reports. / 0735609277 IGMP PIM-DM PIM-SM MBONE DVMRP BGP EIGRP
32	Εφαρμογή της θεωρίας των γράφων στους αλγόριθμους δρομολόγησης των σύγχρονων τηλεπικοινωνιακών δικτύων Σπύρου, Παναγιώτης 18 March 2015 (has links) Στην εργασία αυτή, μελετήθηκε η δομή του σύγχρονου ίντερνετ από την σκοπιά του δικτύου και κατέστη σαφές το πως διασυνδέονται οι πάροχοι υπηρεσιών και οι τερματική χρήστες, πως γίνεται η δρομολόγηση και ποιοί αλγόριθμοι χρησιμοποιούνται για τιν επίτευξη της. / This diploma thesis focus on how modern networks connect together in order to create the internet and which algorithms used for the routing of informations that traverse through them. Γράφοι Δρομολόγηση 004.6 Graphs Routing Border Gateway Protocol (BGP)
33	A Consistency Management Layer for Inter-Domain Routing Kushman, Nate, Katabi, Dina, Wroclawski, John 27 January 2006 (has links) This paper proposes an isolation layer -- a shim -- betweeninter-domain routing and packet forwarding. The job of this layer isto coordinate between Autonomous Systems (AS's) on when and how tomodify the forwarding state to ensure inter-domain routing loops donot cause forwarding loops. The benefits of a consistency layer aretwofold. First, it prevents the creation of transient inter-domainforwarding loops and the resulting packet loss, high latency, andconnection failures.Second, by taking the burden of forwarding consistency off theinter-domain routing protocol, it enables inter-domain routingprotocols with more complex convergence characteristics than BGP, suchas protocols that optimize route selection based on performance. Weoffer two possible designs for the consistency layer. We prove thatboth designs are free of forwarding loops and show they are easy todeploy in the current Internet. BGP inter-domain routing internet routing routing loops forwarding loops
34	Cross Continental Access of Information and the Boarder Gateway Protocol Frisk, Johan January 2019 (has links) The usage of technical equipment and the interconnection of all these devices has become essential to our every day life and to provide as good service as possible for the internet of today. However, many have the opportunity to inspect the data as it is being rushed across the globe to provide users with information at the press of a button. This study examines the routing patterns from hundred thousands of trace routes going from user to server around the globe. Using this trace data, we demonstrate not only the number of companies involved in data transfers on other continents then where they are currently not residing, but also give some insight into the amount of routes pertaining to same continent data transfers which takes paths not contained within that same continent. In doing so, we try to explain the inner workings of the protocols used within the process of data transfer, answer a number of security related questions regarding the protocols used, as well as discuss which other circumstances can affect the decision making process. BGP Boarder gateway protocol Computer Sciences Datavetenskap (datalogi)
35	Návrh integrace IPv6 do počítačové sítě Mendelovy univerzity v Brně v oblasti směrování Filip, Tomáš January 2015 (has links) This master thesis deals with integration of IPv6 network protocol into production computer network of Mendel University in Brno in the routing field. The integration includes the Dual Stack transition mechanism, IPv6 address plan, static routing at the perimeter of the university network, and OSPFv3 and MP-BGP routing protocols. Proposed integration plan was verified in the Laboratory of computer networking at the Department of Informatics at FBE MENDELU, and it serves as a template for a final implementation in the production network.
36	Detecting IP prefix hijack events using BGP activity and AS connectivity analysis Alshamrani, Hussain Hameed January 2017 (has links) The Border Gateway Protocol (BGP), the main component of core Internet connectivity, suffers vulnerability issues related to the impersonation of the ownership of IP prefixes for Autonomous Systems (ASes). In this context, a number of studies have focused on securing the BGP through several techniques, such as monitoring-based, historical-based and statistical-based behavioural models. In spite of the significant research undertaken, the proposed solutions cannot detect the IP prefix hijack accurately or even differentiate it from other types of attacks that could threaten the performance of the BGP. This research proposes three novel detection methods aimed at tracking the behaviour of BGP edge routers and detecting IP prefix hijacks based on statistical analysis of variance, the attack signature approach and a classification-based technique. The first detection method uses statistical analysis of variance to identify hijacking behaviour through the normal operation of routing information being exchanged among routers and their behaviour during the occurrence of IP prefix hijacking. However, this method failed to find any indication of IP prefix hijacking because of the difficulty of having raw BGP data hijacking-free. The research also proposes another detection method that parses BGP advertisements (announcements) and checks whether IP prefixes are announced or advertised by more than one AS. If so, events are selected for further validation using Regional Internet Registry (RIR) databases to determine whether the ASes announcing the prefixes are owned by the same organisation or different organisations. Advertisements for the same IP prefix made by ASes owned by different organisations are subsequently identified as hijacking events. The proposed algorithm of the detection method was validated using the 2008 YouTube Pakistan hijack event; the analysis demonstrates that the algorithm qualitatively increases the accuracy of detecting IP prefix hijacks. The algorithm is very accurate as long as the RIRs (Regional Internet Registries) are updated concurrently with hijacking detection. The detection method and can be integrated and work with BGP routers separately. Another detection method is proposed to detect IP prefix hijacking using a combination of signature-based (parsing-based) and classification-based techniques. The parsing technique is used as a pre-processing phase before the classification-based method. Some features are extracted based on the connectivity behaviour of the suspicious ASes given by the parsing technique. In other words, this detection method tracks the behaviour of the suspicious ASes and follows up with an analysis of their interaction with directly and indirectly connected neighbours based on a set of features extracted from the ASPATH information about the suspicious ASes. Before sending the extracted feature values to the best five classifiers that can work with the specifications of an implemented classification dataset, the detection method computes the similarity between benign and malicious behaviours to determine to what extent the classifiers can distinguish suspicious behaviour from benign behaviour and then detect the hijacking. Evaluation tests of the proposed algorithm demonstrated that the detection method was able to detect the hijacks with 96% accuracy and can be integrated and work with BGP routers separately. 004.6
37	Návrh nových laboratorních úloh pro výuku principů komunikačních protokolů / Creation of new laboratory exercises explaining the principles of communication protocols Babjarčiková, Lenka January 2021 (has links) The aim of this master thesis is to create two laboratory exercises in ns-3 network simulator for chosen communication protocols. The chosen protocols are BGP and ICMPv6. The first part of this thesis contains teoretical knowledge used in order to design laboratory exercise. It contains descriptions of funcionality of both protocols and messages they use. This chapter also includes brief description of three options which were considered for implementation of BGP protocol into ns-3 enviroment. The second chapter consists of actual laboratory exercises which were created as a purpose of this thesis. Exercise for BGP protocol deals with creating neighborhoods between routers at autonomous system level, analyzing the way routers communicate within their neighborhoods and how protocol reacts when the connection between two neighbor routers fails. Exercise created for ICMPv6 protocol is focused on its messages and their usage within multiple protocol funcionalities, such as address configuration, link address resolution and error detection. Quagga; ns-3; DCE; BGP; ICMPv6; AS; IPv6
38	The use of BGP Flowspec in the protection against DDoS attacks Chouk, Wissem January 2019 (has links) Flowspec is one of the latest DDoS attacksmitigation tools. It relies on BGPv4 to share itsroute specifications. It presents great advantageswhen it comes to effectively mitigate a (D)DoSattack. However, due to the lack of protection andsecurity of BGP, Flowspec presents somevulnerabilities that can be used against the victimto initiate, enhance or continue an attack. An ISP isinterested to include Flowspec in its mitigationtools. In this thesis, we will evaluate the potentialuse of Flowspec by the ISP after taking intoconsideration 3 uses cases where the protocolwould not be able to act as intended. / Flowspec är ett av de senaste verktigen mot DDoS-attacker. Den är beroende av BGPv4 för att dela dess ruttspecifikationer. Det ger stora fördelar när det gäller att effektivt mildra en (D)DoS-attack. På grund av bristen på skydd och säkerhet för BGP presenterar dock Flowspec vissa sårbarheter som kan användas mot offret för att initiera, förbättra eller gå vidare med en attack. En Internetleverantör gynnas av att inkludera Flowspec i dess begränsningsverktyg. I denna avhandling kommer vi att utvärdera den potentiella a n v ä n d n i n g e n a v F l o w s p e c f r å n Internetleverantörens sida efter att ha beaktat 3 användningsfall där protokollet inte skulle kunna fungera som avsett. DDoS Flowspec BGP Security Networking Engineering and Technology Teknik och teknologier
39	MPLS kontra traditionell IP-routing : en jämförelse av resursåtgång Öhlin, Anton, Viking, Sebastian January 2011 (has links) Multi Protocol Label Switching (MPLS) är en routingteknik som blir allt vanligare i dagens nätverk. Vid implementation av MPLS i nätverk är det grundläggande att hårdvaran har tillräckligt hög prestanda för att hantera tekniken. Om så inte är fallet kan det leda till negativa konsekvenser såsom paketförluster eller i värsta fall att routern havererar. Syftet med arbetet var att ta reda på hur processorbelastningen på en router skiljer sig när MPLS var implementerat jämfört med traditionell IP-routing. Routingprotokollen BGP, OSPF och RIP användes tillsammans med de olika routingteknikerna för att se vilket av dessa som krävde minst processorkraft. För att ta reda på hur processorbelastningen påverkades skapades en experimentmiljö. Varje routingprotokoll konfigurerades tillsammans med MPLS respektive traditionell IP-routing, vilket gav oss sex olika scenarion. Trafik skickades sedan genom nätverket med hjälp av applikationen Ostinato för att belasta enheterna. Resultatet av testerna visade att processorbelastningen blev högre för MPLS än för traditionell IP-routing. Det gällde för samtliga routingprotokoll. Det routingprotokoll som tillsammans med MPLS lyckades hålla processorbealstningen lägst var BGP, medans OSPF orsakade högst processorbelastning. Skillnaden mellan routingprotokollen OSPF och RIP var marginell. / Multi Protocol Label Switching (MPLS) is a growing routing technology. It is getting more common in today’s modern networks. When implementing MPLS, it is essential that the hardware is capable of handling such technology. If not, this could lead to packet loss or even network outage. The purpose of this study was to examine differences between MPLS and traditional IP-routing in aspect of CPU utilization. Routing protocols BGP, OSPF and RIP were configured together with the technologies in order to see which of the mentioned routing protocols that was the most efficient in terms of CPU utilization. An environment was created for the experiment. Each routing protocol was configured together with MPLS and traditional IP-routing respectively, which lead to a total of six scenarios. Traffic was sent through the network with an application called Ostinato with the purpose of increasing the load of the devices. The results showed higher CPU utilization with MPLS compared to traditional IP-routing. This was the case with each routing protocol. BGP had the lowest CPU utilization of the routing protocols in conjunction with MPLS whilst OSPF had the highest. The result between OSPF and RIP was slightly different. MPLS BGP OSPF RIP SNMP CPU utilization MPLS BGP OSPF RIP SNMP processorbelastning Computer Sciences Datavetenskap (datalogi)
40	Déceler les attaques par détournement BGP / Towards uncovering BGP hijacking attacks Jacquemart, Quentin 06 October 2015 (has links) Internet est constitué de milliers de systèmes autonomes (Autonomous Systems, AS) qui échangent des informations de routage grâce au protocole BGP (Border Gateway Protocol). Chaque AS attend des autres qu'il lui donne des informations de routage correctes, et leur accorde donc une confiance totale. Le détournement de préfixe (prefix hijacking) exploite cette confiance afin d'introduire des routes falsifiées. Les techniques qui détectent cette attaque génèrent un nombre important d'alertes, composé de faux positifs résultant d'opérations de routage courantes. Dans cette dissertation, nous cherchons à trouver la cause principale de ces alertes, de manière indubitable. A cette fin, d'une part, nous réduisons le nombre d'alertes en analysant en profondeur ces réseaux, dont nous dérivons une série de structures qui reflètent les pratiques standard de routage du monde réel, et en considérant le risque associé à ces structures lors une attaque par détournement. D'autre part, nous utilisons des bases de données auxiliaires qui nous permettent de connaître la raison derrière un évènement de routage, qui n'est, en général, connue que du propriétaire du réseau. Précisément, nous regardons les préfixes à origines multiples (Multiple Origin AS, MOAS), et mettons en évidence une classification nous permettant d'éliminer 80% des alertes. Nous présentons un cas réel où un MOAS coïncide avec du spam et des sites d'arnaque en ligne. Nous étudions les préfixes non-disjoints, et présentons un prototype permettant d'éliminer 50% des alertes sub-MOAS.Nous explorons l'espace IP non assigné, cherchons des adresses IP joignables, et localisons une grande quantité de spam et des sites d'arnaques en ligne. / The Internet is composed of tens of thousands Autonomous Systems (ASes) that exchange routing information using the Border Gateway Protocol (BGP). Consequently, every AS implicitly trusts every other ASes to provide accurate routing information. Prefix hijacking is an attack against the inter-domain routing infrastructure that abuses mutual trust in order to propagate fallacious routes. The current detection techniques pathologically raise a large number of alerts, mostly composed of false positives resulting from benign routing practices. In this Dissertation, we seek the root cause of routing events beyond reasonable doubts. First, we reduce the global number of alerts by analyzing false positive alerts, from which we extract constructs that reflect real-world standard routing practices. We then consider the security threat associated with these constructs in a prefix hijacking scenario. Second, we use a variety of auxiliary datasets that reflect distinct facets of the networks involved in a suspicious routing event in order to closely approximate the ground-truth, which is traditionally only known by the network owner. Specifically, we investigate Multiple Origin AS (MOAS) prefixes, and introduce a classification that we use to discard up to 80% of false positive. Then we show a real-world case where a MOAS coincided with spam and web scam traffic. We look at prefix overlaps, clarify their global use, and present a prototype that discards around 50% of false positive sub-MOAS alerts. Finally, we explore the IP blackspace, study the routing-level characteristics of those networks, find live IP addresses, and uncover a large amount of spam and scam activities. Internet Réseau Routage Sécurité Détournement de préfixe BGP Border gateway protocol Internet Network Routing Security Prefix hijacking BGP Border gateway protocol

Search results