Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 On the Impact of Route Monitor Selection Ying Zhang* Zheng Zhang # Z. Morley Mao* Y. Charlie Hu # Bruce M. Maggs ^ University of Michigan* Purdue University.

Published byHarold Barnett Modified over 8 years ago

Similar presentations

Presentation on theme: "1 On the Impact of Route Monitor Selection Ying Zhang* Zheng Zhang # Z. Morley Mao* Y. Charlie Hu # Bruce M. Maggs ^ University of Michigan* Purdue University."— Presentation transcript:

1 1 On the Impact of Route Monitor Selection Ying Zhang* Zheng Zhang # Z. Morley Mao* Y. Charlie Hu # Bruce M. Maggs ^ University of Michigan* Purdue University # Carnegie Mellon and Akamai Technologies ^

2 Internet route monitoring systems  Monitor the Internet routing system  Establish passive, default-free BGP sessions with many networks  Collect real-time BGP updates and periodic table snapshots  Discover dynamic changes (e.g., misconfigs, routing attacks)  Example public systems: RouteViews and RIPE 2 AS 7018 AS 3561 AS 174 Internet AS 701 AS 1239 Route monitor Prefix 141.213.15.0/24 “I can reach 141.213.15.0/24” via AE “I can reach 141.213.15.0/24” via DE

3 Limited coverage  Coverage and representativeness  Only monitor a subset of ASes in the Internet  Only monitor at most one router in each AS  Difficulties in obtaining full coverage  Scalability and privacy concerns 3 AS 7018 AS 3561 AS 174 Internet AS 701 AS 1239 Route monitor AS 237AS 105 “I can reach 141.213.15.0/24” via CDG “I can reach 141.213.15.0/24” via CFG

4 Limited visibility on IP Hijacking detection  The accuracy of detection depends on route monitor systems’ visibility  Example problems caused by limited visibility  IP prefix hijacking: ASG hijacks ASE’s prefix  Missed The route monitor system does not cover polluted ASes 4 AS 7018 AS 3561 AS 174 AS 701 AS 1239 Route monitor AS 237AS 105 Path[p] = ABE Path[p] = BE Path[p] = CE Path[p] = DE Path[p] = GDE Path[p] = FGDE Hijack: Path[p] = G Path[p] = AG Path[p] = BE Path[p] = CE Path[p] = DE Path[p] = G Path[p] = FG Path[p] = E Prefix p Prefix p’s origin AS is E Prefix p’s origin AS has changed to be G

5 Motivation  Many research studies rely on BGP data from public route monitors:  Network topology discovery, AS relationship inference, AS level path prediction, etc.  The limitation of coverage and representativeness of the monitors is critical to their results.  Obtaining full coverage is difficult in practice.  Understanding limitation can assist improved route monitor placement. 5

6 Outline  Motivation  Methodology  Discovery of static network properties  Discovery of dynamic network properties  Inference of network properties 6

7 Methodology  Data collection  Public BGP monitoring vantage points: RouteViews and RIPE  Private peering vantage points: 200 distinct ASes  Comparison across different combinations of vantage points  Monitor selection schemes  Random: select monitor nodes randomly  Degree based: select the node with largest degree  Greedy: select the node with largest unobserved links  Address block based: select the node originating largest IP addresses 7

8 Outline  Motivation  Methodology  Discovery of static network properties  Discovery of dynamic network properties  Inference of network properties 8

9 Static network properties  Network topology discovery  IP prefix to origin AS mappings  Identifying stub AS and its providers  Multi-homed ASes  Observed AS paths 9

10 Network topology discovery  The number of observed AS level links  Greedy based selection performs best 10

11 Multi-homed ASes discovery  Discover multi-homed ASes to understand edge network resilience  Greedy based scheme performs best: additional discovered links help discover multi-homed stub ASes 11

12 Outline  Motivation  Methodology  Discovery of static network properties  Discovery of dynamic network properties  Inference of network properties 12

13 Dynamic network properties  Routing instability monitoring  Number of routing updates observed  IP prefix hijacking detection  The visibility of inconsistent origin ASes across routing updates 13

14 Routing instability monitoring 14  Fraction of BGP routing events observed by the set of vantage points  Huge difference between random and other three: core networks are more likely to observe network instabilities

15 IP Prefix hijacking detection  Detected hijacking: as long as one vantage point can observe hijacked routes  Greedy based scheme performs slightly better 15 With 10 vantage points deployed, 0.35% of all possible attacker- victim pairs can evade detection

16 Outline  Motivation  Methodology  Discovery of static network properties  Discovery of dynamic network properties  Inference of network properties 16

17 Inference of network properties  AS relationship inference  Commonly used Gao’s degree-based relationship inference [Gao00]  AS-level path prediction  AS-relationship based profit-driven AS path inference [Mao05]  AS-relationship-independent path prediction [Muhlbauer06] 17

18 AS relationship inference and path prediction  Accuracy: comparing the predicted paths with the observed paths  More vantage points may not increase the accuracy 18

19 AS relationship inference and path prediction – further explanation  More vantage points may not increase the accuracy  It may be due to nature of the degree-based relationship inference  We study the changes of the top degree node per path  More vantage points do not consistently improve the estimation of the top degree nodes 19

20 Conclusion  Examined the route monitor placement impact on various applications  Evaluated four simple placement schemes  Demonstrated the limitation of studies relying on the existing monitoring system  Future work: develop a better placement technique. 20

21 Thank you! Questions? 21

22 AS relationship-independent path prediction  Recent proposed path prediction algorithm not relying on AS relationships  Matched percentage of unobserved does not increase with more monitors 22

Download ppt "1 On the Impact of Route Monitor Selection Ying Zhang* Zheng Zhang # Z. Morley Mao* Y. Charlie Hu # Bruce M. Maggs ^ University of Michigan* Purdue University."

Similar presentations

Locating Prefix Hijackers using LOCK Tongqing Qiu +, Lusheng Ji *, Dan Pei * Jia Wang *, Jun (Jim) Xu +, Hitesh Ballani ++ + College of Computing, Georgia.

Locating Prefix Hijackers using LOCK Tongqing Qiu +, Lusheng Ji *, Dan Pei * Jia Wang *, Jun (Jim) Xu +, Hitesh Ballani ++ + College of Computing, Georgia.
BGP route propagation between neighboring domains Renata Teixeira Laboratoire LIP6 – CNRS University Pierre et Marie Curie – Paris 6 with Steve Uhlig (Delft.

BGP route propagation between neighboring domains Renata Teixeira Laboratoire LIP6 – CNRS University Pierre et Marie Curie – Paris 6 with Steve Uhlig (Delft.
Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.

Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.
Consensus Routing: The Internet as a Distributed System 2009. 2. 26 John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.

Consensus Routing: The Internet as a Distributed System John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.
By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.

By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.
Progress in inferring business relationships between ASs Dmitri Krioukov 4 th CAIDA-WIDE Workshop.

Progress in inferring business relationships between ASs Dmitri Krioukov 4 th CAIDA-WIDE Workshop.
Topology Generation Suat Mercan. 2 Outline Motivation Topology Characterization Levels of Topology Modeling Techniques Types of Topology Generators.

Topology Generation Suat Mercan. 2 Outline Motivation Topology Characterization Levels of Topology Modeling Techniques Types of Topology Generators.
Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada ISP-Friendly Peer Matching without ISP Collaboration Mohamed Hefeeda (Joint.

Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada ISP-Friendly Peer Matching without ISP Collaboration Mohamed Hefeeda (Joint.
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
Traffic Engineering With Traditional IP Routing Protocols

Traffic Engineering With Traditional IP Routing Protocols
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Informed Detour Selection Helps Reliability Boulat A. Bash.

U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Informed Detour Selection Helps Reliability Boulat A. Bash.
Analysis of BGP Routing Tables

Analysis of BGP Routing Tables
Accurate Real-Time Identification of IP Prefix Hijacking Z. Morley Mao Xin Hu 2007 IEEE Symposium on and Privacy Oakland, California 2007 IEEE Symposium.

Accurate Real-Time Identification of IP Prefix Hijacking Z. Morley Mao Xin Hu 2007 IEEE Symposium on and Privacy Oakland, California 2007 IEEE Symposium.
1 Relates to Lab 4. This module covers link state routing and the Open Shortest Path First (OSPF) routing protocol. Dynamic Routing Protocols II OSPF.

1 Relates to Lab 4. This module covers link state routing and the Open Shortest Path First (OSPF) routing protocol. Dynamic Routing Protocols II OSPF.
02/06/2006ecs236 winter 20061 Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.

02/06/2006ecs236 winter Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.
Graphs and Topology Yao Zhao. Background of Graph A graph is a pair G =(V,E) –Undirected graph and directed graph –Weighted graph and unweighted graph.

Graphs and Topology Yao Zhao. Background of Graph A graph is a pair G =(V,E) –Undirected graph and directed graph –Weighted graph and unweighted graph.
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
Ningning HuCarnegie Mellon University1 A Measurement Study of Internet Bottlenecks Ningning Hu (CMU) Joint work with Li Erran Li (Bell Lab) Zhuoqing Morley.

Ningning HuCarnegie Mellon University1 A Measurement Study of Internet Bottlenecks Ningning Hu (CMU) Joint work with Li Erran Li (Bell Lab) Zhuoqing Morley.
Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz.

Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz.

Similar presentations

Ads by Google