1
CS590B/690B Detecting Network Interference
Lecture 19: Attacks on Decoy Routing
Phillipa Gill, UMass Amherst
2
Review questions
- What type of censor adversary does decoy routing assume? How does it try to evade this type of censor?
- Describe how decoy routing works.
- What is a sentinel? What is its purpose? Give an example.
- Why would operators be reluctant to deploy Telex/Cirripede?
- What property of Tap Dance is meant to reduce operator reluctance?
- What key observation does Tap Dance use to suppress a response from the legitimate server? Why does this type of packet not get a response from the server?
3
Today: decoy routing
Defending against decoy routing!
- Routing around decoys
- No way home.
ACKS: Slides courtesy Amir UMass.
4
Routing Around Decoys
Schuchard et al., ACM CCS 2012
5
Routing Around Decoys (RAD)
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Decoy AS, Gateway, Non-blocked]
The basis of the RAD attack is the observation that ISPs in the censorship region are likely to have multiple paths to any given destination. Therefore, censors can instruct the ISPs under their influence to exclusively select routes that do not pass through the ISPs known to deploy decoy routers.
CS660 - Advanced Information Assurance - UMassAmherst
6
The Costs of Routing Around Decoys
Houmansadr et al., NDSS 2014
7
This paper
- Concrete analysis based on real inter-domain routing data
  - As opposed to relying on the AS graph only
- While technically feasible, RAD imposes significant costs to censors
8
Main intuition: Internet paths are not equal!
- Standard decision making in BGP aims to maximize QoS and minimize costs
9
Internet reachability
Degraded Internet reachability
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Decoy AS, Gateway, Non-blocked, Decoy AS]
10
Path preference in BGP
- ASes are inter-connected based on business relationships
  - Customer-to-provider
  - Peer-to-peer
  - Sibling-to-sibling
- Standard path preference: Customer > Peer/Sibling > Provider
11
Valley-free routing
- A valley-free Internet path: each transit AS is paid by at least one neighbor AS in the path
- ISPs widely practice valley-free routing
- Edges are not equal; in reality the AS graph satisfies Gao's. For business reasons ISPs strongly prefer through …
12
2. Non-valley-free routes
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Provider, Decoy AS, Gateway, Non-blocked, MPLS VPN, Provider, Customer]
If a Chinese AS does not have a decoy-free path to a certain destination, it can re-route traffic to that destination through one of the other 198 ASes in China, e.g., a customer AS or an AS with which it has no business relationship. This is a key factor in the success of the RAD attack, because it increases the number of alternative paths available to the RAD ASes.
13
3. More expensive paths
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Customer, Decoy AS, Gateway, Non-blocked, Provider (marked with a dollar sign)]
14
4. Longer paths
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Decoy AS, Gateway, Non-blocked]
Longer paths are susceptible to higher network latencies, lower throughputs, and more frequent network failures.
15
5. Higher path latencies
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Decoy AS, Gateway, Non-blocked]
Longer routes are not the only cause of higher latencies. The alternative paths selected by RBGP are likely to pass through less popular transit ASes that offer lower capacity, causing packets to experience higher latencies. This is confirmed by our simulations in Section VII, which show that, even when an RBGP path has the same length as the corresponding BGP path, it usually has higher latency.
16
6. New transit ASes
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Decoy AS, Gateway, Non-blocked, Edge AS]
17
7. Massive changes in transit load
[Figure: The Non-Democratic Republic of Repressistan; labels: Blocked, Transit AS (loses transit traffic), Decoy AS, Gateway, Non-blocked, Transit AS (over-loads)]
18
Simulations
- Use CBGP simulator for BGP
  - Python wrapper
- Datasets:
  - Geographic location (GeoLite dataset)
  - AS relations (CAIDA’s inferred AS relations)
  - AS ranking (CAIDA’s AS rank dataset)
  - Latency (iPlane’s Inter-PoP links dataset)
  - Network origin (iPlane’s Origin AS mapping dataset)
- Analyze RAD for
  - Various placement strategies
  - Various placement percentages
  - Various target/deploying Internet regions
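The cost categories on the preceding slides (lost reachability, non-valley-free, more expensive and longer routes) can be reproduced on a toy AS graph. The following is an added example, not the authors' CBGP-based simulation; the topology, the AS names (S, X, T2, ...) and the category strings are constructed, and route choice is modelled only as customer < peer < provider preference with path length as tie-breaker.

```python
UP, PEER, DOWN = "to-provider", "to-peer", "to-customer"  # hop type seen by the sender
COST = {DOWN: 0, PEER: 1, UP: 2}  # BGP preference: customer < peer < provider
# Constructed topology: S is the censor's AS, X the decoy AS (a peer of S).
P2C = [("T2", "S"), ("S", "C"), ("T3", "C"), ("T2", "Da"), ("X", "Db"),
       ("X", "Dc"), ("T3", "Dc"), ("X", "Dd"), ("T2", "Dd"), ("X", "De"),
       ("P2", "M"), ("M", "De")]  # (provider, customer) pairs
PEERS = [("S", "X"), ("S", "P2")]

def build(p2c, peers):
    rel = {}
    links = [(p, c, DOWN, UP) for p, c in p2c] + [(a, b, PEER, PEER) for a, b in peers]
    for a, b, fwd, back in links:
        rel.setdefault(a, {})[b] = fwd
        rel.setdefault(b, {})[a] = back
    return rel

def simple_paths(rel, path, dst, banned):  # exhaustive DFS, fine for a toy graph
    if path[-1] == dst:
        yield path
        return
    for nxt in rel[path[-1]]:
        if nxt not in path and nxt not in banned:
            yield from simple_paths(rel, path + [nxt], dst, banned)

def valley_free(rel, path):
    """Uphill hops, then at most one peer hop, then only downhill hops."""
    hops = [rel[a][b] for a, b in zip(path, path[1:])]
    peak = next((i for i, h in enumerate(hops) if h != UP), len(hops))
    return all(h == DOWN for h in hops[peak + 1:])

def best(rel, src, dst, banned=frozenset(), valleys_ok=False):
    cands = [p for p in simple_paths(rel, [src], dst, banned)
             if valleys_ok or valley_free(rel, p)]
    return min(cands, key=lambda p: (COST[rel[p[0]][p[1]]], len(p)), default=None)

def rad_cost(rel, src, dst, decoys):
    bgp, rad = best(rel, src, dst), best(rel, src, dst, decoys)
    if bgp and not set(bgp) & decoys:
        return "unaffected"
    if rad is None:  # no valley-free route avoids the decoys
        nvf = best(rel, src, dst, decoys, valleys_ok=True)
        return "non-valley-free" if nvf else "unreachable"
    if COST[rel[src][rad[1]]] > COST[rel[src][bgp[1]]]:
        return "more expensive"
    return "longer" if len(rad) > len(bgp) else "rerouted, same cost"

REL = build(P2C, PEERS)
RESULT = {d: rad_cost(REL, "S", d, {"X"}) for d in ("Da", "Db", "Dc", "Dd", "De")}
print(RESULT)
```

A single decoy AS on this graph leaves one destination unaffected and pushes the other four into four different cost categories, which is why the analysis needs relationship data and not just the graph.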
19
Costs for the Great Firewall of China
- A 2% random decoy placement disconnects China from 4% of the Internet
- Additionally:
  - 16% of routes become more expensive
  - 39% of Internet routes become longer
  - Latency increases by a factor of 8
  - The number of transit ASes increases by 150%
  - Transit loads change drastically (one AS increases by a factor of 2800, the other decreases by 32%)
[Figure labels: Random-no-ring-1, 4%, NVF]
20
Strategic placement
- RAD considers random selection for decoy ASes
  - This mostly selects edge ASes
- Decoys should be deployed in transit ASes instead
  - For better unobservability
  - For better resistance to blocking
- 86% are edge ASes
21
Strategic placement
[Figure labels: 20% unreachability, 43% unreachability, 4% unreachability]
22
Lessons
- RAD is prohibitively costly to the censors
  - Monetary costs, as well as collateral damage
- Strategic placement of decoys significantly increases the costs to the censors
- The RAD attack is more costly to less-connected state-level censors
  - Even a regional placement is effective
- Analysis of inter-domain routing requires a fine-grained data-driven approach
  - Business problem, not a graph problem.
  - Analysis based solely on the graph topology of the Internet may lead to mistaken conclusions about the feasibility of decoy routing