A Study of Prefix Hijacking and Interception in the internet
Hitesh Ballani, Paul Francis, Xinyang Zhang Presented by: Tony Z.C Huang, Adapted from slides by Hitesh Ballani
Prefix Hijacking / Interception

AS U owns prefix p and advertises it to the Internet.

Hijacking: AS CIA advertises a prefix it does not own. Part of the Internet now routes traffic for p to AS CIA instead of to AS U, a hole in the Internet: that traffic never reaches its owner.

Interception: AS CIA advertises the prefix while keeping a working route to AS U ("You can route to AS U through me"). CIA routes the intercepted traffic back to AS U, so the traffic still arrives and AS U does not notice that it has been intercepted.
Points of the paper
- Interception.
- The actual probability that an AS can hijack/intercept traffic from other ASes.
- An AS can intercept real traffic ... in the Internet.
Interception in AS-PATH terms (figure: AS CIA, AS Z, AS U, AS B, AS al-Qaeda, AS C; AS A = AS al-Qaeda owns the prefix):
- Valid route, originated by A and propagated through B and C: AS-PATH = [..., A], AS-PATH = [B, ..., A], AS-PATH = [C, B, ..., A].
- Invalid route, originated by AS CIA and propagated through Z: AS-PATH = [..., CIA], AS-PATH = [Z, ..., CIA].
Route selection table (from the slide): whether an AS switches to the invalid route is determined by the types (customer, peer, provider) of its current route and of the invalid route, and by their lengths (i compared with n).

Route      Length   Customer   Peer   Provider
Customer   i<n      X          X      X
Customer   i=n      X
Customer   i>n      Y          X      X
Peer       i<n      Y          X      X
Peer       i=n      Y
Peer       i>n      Y          Y      X
Provider   i<n      Y          Y      X
Provider   i=n      Y          Y
Provider   i>n      Y          Y      Y
Safety condition
If the ASes on AS CIA's current path to the prefix switch to the invalid route, then AS CIA cannot route the traffic back to AS al-Qaeda. AS CIA must therefore keep a valid route to prefix p during the interception.
(Figure: AS CIA, AS Z, AS U, AS B, AS al-Qaeda, AS C)

Some ASes...

Case I: AS CIA's current route is a customer route, i.e., AS al-Qaeda is a customer of AS CIA.
CIA can advertise the invalid route to all its neighbors and still satisfy the safety condition.
(Figure: AS CIA, AS Z, AS al-Qaeda; legend: customer-to-provider edge, peer edge)

Case II: AS CIA's current route is a peer route, i.e., AS al-Qaeda is a peer of AS CIA.
Similar to Case I, AS CIA can propagate to any ... the path without violating the safety condition.
(Figure: AS CIA, AS Z1, AS Z, AS al-Qaeda; legend: customer-to-provider edge, peer edge)

Case III: AS CIA's current route is a provider route.
CIA can only advertise the path to its customers and peers, but not to its providers.
(Figure: AS CIA, AS Z2, AS Z1, AS Z, AS al-Qaeda; legend: customer-to-provider edge, peer edge)
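The route-selection table and the three cases above reduce to one rule: no AS on CIA's valid path may prefer CIA's bogus advertisement over the route it already has. The block below is an added example, not code from the paper or the slides: a toy path-vector simulator with the usual Gao-Rexford policies (customer-learned routes preferred over peer-learned over provider-learned, then shorter AS-PATH; routes learned from a peer or provider are exported only to customers), run on three constructed topologies, one per case. The AS names (CIA as interceptor, O as prefix owner, Z, Z0, Z1, Z2, C, P) and the topologies are assumptions made for the example. `interception_safe` evaluates the safety condition directly: after CIA announces the prefix to a chosen set of neighbours, every AS between CIA and O must still route to O. It goes slightly beyond the slides in Case III by also showing that announcing to a second provider (Z2) that peers with the provider on the valid path (Z) is equally unsafe.

```python
# Added example: a toy path-vector simulator to check the interception
# safety condition from the slides. Constructed topologies and AS names
# (CIA, O, Z, Z0, Z1, Z2, C, P) are assumptions, not the paper's data.

CUSTOMER, PEER, PROVIDER, ORIGIN = 0, 1, 2, -1   # lower value = more preferred


def build_rel(c2p_edges, peer_edges):
    """rel[x][y] = what neighbour y is to AS x (CUSTOMER, PEER or PROVIDER)."""
    rel = {}
    for c, p in c2p_edges:                 # (customer, provider) pairs
        rel.setdefault(c, {})[p] = PROVIDER
        rel.setdefault(p, {})[c] = CUSTOMER
    for a, b in peer_edges:
        rel.setdefault(a, {})[b] = PEER
        rel.setdefault(b, {})[a] = PEER
    return rel


def may_export(rel, x, route, to):
    """Valley-free export: own and customer-learned routes go to every
    neighbour; peer- and provider-learned routes go to customers only."""
    return route[0] in (ORIGIN, CUSTOMER) or rel[x][to] == CUSTOMER


def switches(cur_type, n, inv_type, i):
    """Does an AS holding a (cur_type, length n) route prefer an invalid
    (inv_type, length i) route?  Type first, then shorter AS-PATH; an exact
    tie (None) is left to the router's own tie-breaking."""
    if (inv_type, i) == (cur_type, n):
        return None
    return (inv_type, i) < (cur_type, n)


def converge(rel, origin, interceptor=None, announce_to=(), keep=None):
    """Iterate route selection until stable.  A route is (type, path) with
    the path running from the AS to whoever originated the prefix.
    If `interceptor` is given it keeps `keep` (its valid route) and exports
    only a bogus origin route (interceptor,) to the ASes in `announce_to`."""
    rib = {x: None for x in rel}
    rib[origin] = (ORIGIN, (origin,))
    if interceptor is not None:
        rib[interceptor] = keep
    for _ in range(2 * len(rel) + 2):      # plenty for a small valley-free graph
        changed = False
        for x in rel:
            if x == origin or x == interceptor:
                continue
            cands = []
            for n, rtype in rel[x].items():
                if n == interceptor:
                    offered = (ORIGIN, (interceptor,)) if x in announce_to else None
                else:
                    offered = rib[n]
                if offered is None or x in offered[1]:      # no route / AS-PATH loop
                    continue
                if not may_export(rel, n, offered, x):
                    continue
                cands.append((rtype, (x,) + offered[1]))
            best = min(cands, key=lambda c: (c[0], len(c[1]), c[1])) if cands else None
            if best != rib[x]:
                rib[x], changed = best, True
        if not changed:
            break
    return rib


def interception_safe(rel, origin, m, announce_to):
    """Safety condition: after M announces the prefix to `announce_to`, every
    AS on M's valid path must still route to the real origin, otherwise M
    cannot forward the intercepted traffic onward."""
    valid = converge(rel, origin)[m]
    if valid is None:
        raise ValueError("interceptor has no route to the prefix")
    after = converge(rel, origin, interceptor=m, announce_to=set(announce_to), keep=valid)
    on_path = valid[1][1:-1]               # ASes between M and the origin
    return all(after[x] is not None and after[x][1][-1] == origin for x in on_path)


def demo():
    """The slides' three cases on constructed topologies; O owns the prefix."""
    out = {}
    # Case I: CIA's route is a customer route (O is a customer of C, C of CIA).
    rel = build_rel([("O", "C"), ("C", "CIA"), ("CIA", "Z")], [("CIA", "P")])
    out["customer_route_all"] = interception_safe(rel, "O", "CIA", {"C", "Z", "P"})
    # Case II: CIA's route is a peer route (O is a customer of CIA's peer P).
    rel = build_rel([("O", "P"), ("CIA", "Z"), ("C", "CIA")], [("CIA", "P")])
    out["peer_route_all"] = interception_safe(rel, "O", "CIA", {"P", "Z", "C"})
    # Case III: CIA's route is a provider route: CIA -> Z -> Z0 (peer) -> Z1 -> O.
    # CIA also has a second provider Z2 that peers with Z.
    rel = build_rel([("O", "Z1"), ("Z1", "Z0"), ("CIA", "Z"), ("CIA", "Z2"), ("C", "CIA")],
                    [("Z0", "Z"), ("Z2", "Z"), ("CIA", "P")])
    out["provider_route_cust_peer"] = interception_safe(rel, "O", "CIA", {"C", "P"})
    out["provider_route_to_provider"] = interception_safe(rel, "O", "CIA", {"C", "P", "Z"})
    out["provider_route_via_other_provider"] = interception_safe(rel, "O", "CIA", {"C", "P", "Z2"})
    return out


if __name__ == "__main__":
    for name, safe in demo().items():
        print(f"{name:35s} {'safe' if safe else 'UNSAFE'}")
```

Running `demo()` reports the customer and peer cases as safe for an announcement to every neighbour, and the provider case as safe only while the announcement stays with CIA's customers and peers: once it reaches provider Z (directly, or through Z2 and the Z2-Z peering), Z prefers the shorter or customer-learned bogus route and CIA's path to O is gone.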
Evaluation (... Set)
Hijacking probability: the probability that traffic is hijacked by the hijacking AS, averaged across all ASes and all prefixes.
(Figure: Probability (%) of hijacking and of interception, lower and upper bounds (LB/UB), by type of intercepting AS: T>=3, T-2, T-1, All)
Experiment in the Internet
Five sites (Berkeley, Pittsburgh, Seattle, Ithaca, Otemachi), reaching the Internet through WCG, ATT and NTT.
Experiment 1 (hijacking): one server acts as owner of the prefix, and the others try to hijack the traffic.
Experiment 2 (interception): two of the servers intercept the traffic and route the traffic back to the owner.

Ber   Pit   Sea   Ith   Ote   % of traffic hijacked   % of traffic intercepted
O     !     !     "     "     91.7                    78.8
!     O     !     "     "     68.8                    67.5
!     !     O     "     "     97.4                    66.2
!     !     !     O     "     66.0                    47.3
"     "     "     !     O     76.1                    23.4

O: site owning the prefix
!: site not advertising an invalid route during interception
": site advertising an invalid route during interception
Discussion
- ... Internet architecture?
- ... a fully distributed architecture? How about a centralized/semi-centralized architecture?
- ... (NIRA, Pathlet, MINT, DONA): which one will help defend against prefix hijacking? Which one will make it worse? Which makes no difference?