detection classification and analysis of inter domain
play

Detection, Classification, and Analysis of Inter-Domain Traffic - PowerPoint PPT Presentation

Apr 06, 2024 •478 likes •1.13k views

  1. ��������� ���������� ������� ���������� ������� ������� ������� �������� ���� �������� ���������� �� ������ Detection, Classification, and Analysis of Inter-Domain Traffic with Spoofed Source IP Addresses @Internet Measurement Conference ’17, London

  2. Introduction

  3. � �� ������ ������� ������� �� ��� ������������ ��� ��������� ��� ������ ������� �������� � �������� ������������ ����� ������ �������� � ������� ���������� ���������� ��� ������������ � The Unsolved Spoofing Problem Need for insights about qualitative and quantitative characteristics of spoofed traffic and AS level spoofability

  4. � Detecting Spoofed Traffic is Hard... ? ? SRC IP: 149.10.4.2 How do we decide if a given packet has a spoofed source IP address?

  5. � Overview

  6. ������� ������ �� ��� ������������ �������� ��� ������������� �� ������ ��������� ������� ���� �������� ��� ������������ ���������� ����� �������� ����� ��� ������� ��� �������� �������� �� ����������� ��������������� �� ������� ������ � Contributions ��� ����������� �� � passive �������� �� ������ ��������

  7. ������� ������ �� ��� ������������ �������� ��� ������������� �� ������ ��������� ������� ���� �������� ��� ������������ ���������� ����� �������� ����� ��� ������� ��� �������� �������� �� ����������� ��������������� �� ������� ������ � Contributions ��� ����������� �� � passive �������� �� ������ ��������

  8. ������� ������ �� ��� ������������ �������� ��� ������������� �� ������ ��������� ������� ���� �������� ��� ������������ ���������� ����� �������� ����� ��� ������� ��� �������� �������� �� ����������� ��������������� �� ������� ������ � Contributions ��� ����������� �� � passive �������� �� ������ ��������

  9. ������� ������ �� ��� ������������ �������� ��� ������������� �� ������ ��������� ������� ���� �������� ��� ������������ ���������� ����� �������� ����� ��� ������� ��� �������� �������� �� ����������� ��������������� �� ������� ������ � Contributions ��� ����������� �� � passive �������� �� ������ ��������

  10. Identifying Spoofed Traffic

  11. What we want to uncover... not of the interface of the sending host � Feature we can leverage... ������� ���� ������ �� ��������� ���� ��� ������ �� ������� � Classifying IP Source Addresses

  12. Feature we can leverage... ������� ���� ������ �� ��������� ���� ��� ������ �� ������� � Classifying IP Source Addresses What we want to uncover... not of the interface of the sending host �

  13. ������� ���� ������ �� ��������� ���� ��� ������ �� ������� � Classifying IP Source Addresses What we want to uncover... not of the interface of the sending host � Feature we can leverage...

  14. ������ ���� ���� �������� � �������� ���������� ������ ���� � ������ ������� ���� �� ������� �� ���� ���� �� �� ����� ����� � Things We Should Never See on the Internet: Bogon Bogon IPv4 space routable bogon (86.2%) (13.8%)

  15. � ��� ����� ������� ��������� �� �� ����� �������� ������ ���� � ������ ������� ������������� ������ ���� �� ��� ������� ���� ��� �������� ������� � ������� � ���� �� �������� ���������� � ������� ������������ Things We Should Never See on the Internet: Unrouted Unrouted IPv4 space routable bogon (86.2%) (13.8%) unrouted (18.1%) AS agnostic ���� �� not ������� �� ���� ����

  16. ����� �� �� �� � valid source � valid prefixes per AS � � � �� ����� �� �� �������� ������ �� ��� �������� ��������� ��� ���� �� ��������� ����� �� � ��������� ��� ��� �� ��� ��� ������ ��� ����� � ����� �� �� ������� �� ������ Who is Allowed to Send What? IPv4 space routable bogon (86.2%) (13.8%) routed (68.1%) unrouted invalid valid (18.1%) AS agnostic AS speci fi c

  17. valid prefixes per AS � � � �� ����� �� �� �������� ������ �� ��� �������� ��������� ��� ���� �� ��������� ����� �� � ��������� ��� ��� �� ��� ��� ������ ��� ����� � ����� �� �� ������� �� ������ Who is Allowed to Send What? IPv4 space routable bogon (86.2%) (13.8%) routed (68.1%) unrouted invalid valid (18.1%) ����� �� �� �� � valid source � AS agnostic AS speci fi c

  18. � � �� ����� �� �� �������� ������ �� ��� �������� ��������� ��� ���� �� ��������� ����� �� � ��������� ��� ��� �� ��� ��� ������ ��� ����� � ����� �� �� ������� �� ������ Who is Allowed to Send What? IPv4 space routable bogon (86.2%) (13.8%) routed (68.1%) unrouted invalid valid (18.1%) ����� �� �� �� � valid source � AS agnostic AS speci fi c valid prefixes per AS �

  19. � Identifying Invalid: Legitimate IP Address Space per AS other ASes Public Internet AS C AS A AS B AS D

  20. �� ������ ��� ������ ����������� ���� ���� ������ Identifying Invalid: Legitimate IP Address Space per AS other ASes p1, p2 Public Internet AS C AS A AS A announcing prefixes p1 and p2 to the other ASes AS B AS D Announcement Assumption � �� �� ���������� � ����� �� ���� � ����������

  21. �� ��������� ���� �� ����� ������� ��� ���� �� Identifying Invalid: Legitimate IP Address Space per AS other ASes p1, p2 Public Internet AS C AS A AS A announcing prefixes p1 and p2 p1 to the other ASes p2 ... AS B List of valid prefixes for AS A AS D Announcement

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann October 9, 2019 iNET RG, Hamburg University of Applied Sciences Overview IP Spoofing Mitigation in General Detection in Inter-Domain Traffic

778 views • 42 slides
A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann,

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann,

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann, Raphael Hiesgen, Thomas C. Schmidt, Matthias Whlisch t.schmidt@haw-hamburg.de Spoofing Detection in Interdomain Traffic Starting Point: Our

326 views • 8 slides
1 Inter-Domain Routing Network comprised of many Autonomous Systems (ASes) or domains 23

1 Inter-Domain Routing Network comprised of many Autonomous Systems (ASes) or domains 23

CSE/EE 461 Lecture 11 Inter-domain Routing This Lecture Focus How do we make routing scale? Application Presentation Inter-domain routing Session ASes and BGP Transport Network Data Link Physical sdg // CSE/EE 461,

395 views • 5 slides
Inter-Domain DOTS Use Cases draft-nishizuka-dots-inter-domain-usecases-00 Kaname Nishizuka, NTT

Inter-Domain DOTS Use Cases draft-nishizuka-dots-inter-domain-usecases-00 Kaname Nishizuka, NTT

Inter-Domain DOTS Use Cases draft-nishizuka-dots-inter-domain-usecases-00 Kaname Nishizuka, NTT Communications Nov. 2015 IETF94@yokohama Draft Overview Motivation The volume of DDoS attack will exceed available anti- DDoS capability by

802 views • 10 slides
How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik

How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik

How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik nino.ciurleo@garr.it Agenda Inter-domain traffic: o how does NOC monitor and control it? Common case as example: new BGP peer activation -> new

479 views • 35 slides
Analysis and evaluation of classification models for disease detection using human gut

Analysis and evaluation of classification models for disease detection using human gut

Analysis and evaluation of classification models for disease detection using human gut metagenomic data Analysis and evaluation of classification models for disease detection using human gut metagenomic data Elena Kochkina, Fredrik Karlsson

620 views • 28 slides
CCECE 2003 Signal Classification through Multifractal Analysis and Complex Domain Neural

CCECE 2003 Signal Classification through Multifractal Analysis and Complex Domain Neural

CCECE 2003 Signal Classification through Multifractal Analysis and Complex Domain Neural Networks V. Cheung, K. Cannons, W. Kinsner, and J. Pear* Department of Electrical & Computer Engineering Signal and Data Compression Laboratory

208 views • 17 slides
CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001 Spring 2013 Inter-domain Routing 2153 11537 1706 52 FRGP Level 3 ARIZONA ColoState Autonomous Systems (AS) Border Gateway Protocol

566 views • 30 slides
Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam,

Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam,

Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam, Aditya Akella, Peter Steenkiste This talk in one slide What evolvability features needed in any Q inter-domain protocol? New New Existing

609 views • 26 slides
An Analysis of Domain Classification Services Pelayo Vallina, Victor Le Pochat, lvaro Feal,

An Analysis of Domain Classification Services Pelayo Vallina, Victor Le Pochat, lvaro Feal,

Mis-shapes, Mistakes, Misfits : An Analysis of Domain Classification Services Pelayo Vallina, Victor Le Pochat, lvaro Feal, Marius Paraschiv, Julien Gamba, Tim Burke, Oliver Hohlfeld, Juan Tapiador, Narseo Vallina-Rodriguez web directories

480 views • 37 slides
Inter-Domain Routing Security Inter-Domain Routing Security ~ ~BGP BGP Route Hijacking~ Route

Inter-Domain Routing Security Inter-Domain Routing Security ~ ~BGP BGP Route Hijacking~ Route

Inter-Domain Routing Security Inter-Domain Routing Security ~ ~BGP BGP Route Hijacking~ Route Hijacking~ Mar 1 2007 in APRICOT 2007 NTT Communications Corp. Taka Mizuguchi Tomoya Yoshida What s BGP Route Hijacking? s BGP Route

583 views • 40 slides
From image classification to object detection Image classification Object detection Image source

From image classification to object detection Image classification Object detection Image source

From image classification to object detection Image classification Object detection Image source Slides from L. Lazebnik What are the challenges of object detection? Images may contain more than one class, multiple instances from the same

1.11k views • 57 slides
shot boundary detection combining similarity analysis and classification Matthew Cooper 1 , Ting

shot boundary detection combining similarity analysis and classification Matthew Cooper 1 , Ting

shot boundary detection combining similarity analysis and classification Matthew Cooper 1 , Ting Liu 2 , and Eleanor Rieffel 1 1 FX Palo Alto Laboratory http://www.fxpal.com 2 Dept. of Computer Science Carnegie Melon University

530 views • 21 slides
Bootstrapping evolvability for inter-domain routing Raja Sambasivan , David Tran-Lam, Aditya

Bootstrapping evolvability for inter-domain routing Raja Sambasivan , David Tran-Lam, Aditya

Bootstrapping evolvability for inter-domain routing Raja Sambasivan , David Tran-Lam, Aditya Akella, Peter Steenkiste Inter-domain routing is stagnant Many proposed fi xes/replacements for BGP E.g., LISP [RFC 6830], S-BGP [SAC00], Wiser,

350 views • 23 slides
Inter-Domain Lies Based on TMA 2019 Paper - Focus on Infrastructure Julian M. Del Fiore Pascal

Inter-Domain Lies Based on TMA 2019 Paper - Focus on Infrastructure Julian M. Del Fiore Pascal

Filtering the Noise to Reveal Inter-Domain Lies Based on TMA 2019 Paper - Focus on Infrastructure Julian M. Del Fiore Pascal Merindol, Valerio Persico, Cristel Pelsser, Antonio Pescape AS C AS D p2p AS B AS X AS E Inter-Domain Lie

109 views • 9 slides
Classification And Novel Class Detection ISIC Skin Image Analysis Workshop, June 15 th , 2020

Classification And Novel Class Detection ISIC Skin Image Analysis Workshop, June 15 th , 2020

Learning A Meta-Ensemble Technique For Skin Lesion Classification And Novel Class Detection ISIC Skin Image Analysis Workshop, June 15 th , 2020 Subhranil Bagchi Anurag Banerjee Deepti R. Bathula Department of Computer Science and Engineering

632 views • 33 slides
Overview of the Impact of Body Cameras on the Operations and Workload of Commonwealths

Overview of the Impact of Body Cameras on the Operations and Workload of Commonwealths

Overview of the Impact of Body Cameras on the Operations and Workload of Commonwealths Attorneys Offices Michael Jay, Fiscal Analyst House Appropriations Committee Retreat November 13, 2018 2 Code Requirements and Current Staffing

194 views • 16 slides
PROPOSED OECD CHANGES RELATED TO INTERNATIONAL TRANSPORT Jacques Sasseville OECD Tax Treaty Unit

PROPOSED OECD CHANGES RELATED TO INTERNATIONAL TRANSPORT Jacques Sasseville OECD Tax Treaty Unit

PROPOSED OECD CHANGES RELATED TO INTERNATIONAL TRANSPORT Jacques Sasseville OECD Tax Treaty Unit Current proposals for changes November 2013 Discussion draft (see OECD web site) Comments received - Cruise Lines International

423 views • 24 slides
Ambleside Boat Launch Closure Ramp to Close by December 31, 2016 District of West Vancouver

Ambleside Boat Launch Closure Ramp to Close by December 31, 2016 District of West Vancouver

Ambleside Boat Launch Closure Ramp to Close by December 31, 2016 District of West Vancouver approved the Ambleside Waterfront Concept Plan June 13 2016. The otio approved direts staff to: Close vehicular traffic to the boat

523 views • 21 slides
PROJECT OVERVIEW Spanish Springs - Reno, NV PROJECT OVERVIEW REQUES T: To approve a tentative

PROJECT OVERVIEW Spanish Springs - Reno, NV PROJECT OVERVIEW REQUES T: To approve a tentative

PROJECT OVERVIEW Spanish Springs - Reno, NV PROJECT OVERVIEW REQUES T: To approve a tentative map to allow the subdivision of 3.66 acres into 98 lots, for personal storage units, with 2.24 acres of common open space for the Luxelocker LLC.

292 views • 14 slides
The Spoofer Project Inferring the Extent of Source Address Filtering on the Internet Rob Beverly

The Spoofer Project Inferring the Extent of Source Address Filtering on the Internet Rob Beverly

The Spoofer Project Inferring the Extent of Source Address Filtering on the Internet Rob Beverly and Steve Bauer {rbeverly,bauer}@mit.edu The Spoofer Project Goal: Quantify the extent and nature of source address filtering on the

421 views • 31 slides
3 Org Structure Politicians IT Network Structure 5 History of projects between

3 Org Structure Politicians IT Network Structure 5 History of projects between

3 Org Structure Politicians IT Network Structure 5 History of projects between CMU and the City Heinz College Information Systems & Management Public Policy and Management Penetration Test project last

985 views • 22 slides
Being a good Netizen GRNOG 9 December 6 2019 Antonis Lioumis GRNET/NOC National

Being a good Netizen GRNOG 9 December 6 2019 Antonis Lioumis GRNET/NOC National

http:// www.grnet.gr Being a good Netizen GRNOG 9 December 6 2019 Antonis Lioumis GRNET/NOC National Infrastructures for Research and Technology Connect Research and Educational Community in Greece GRIX operators Network

112 views • 10 slides
Cebu - Shelter Cluster Meeting 14:00, Dec 13, 2013 Shelter Cluster Philippines

Cebu - Shelter Cluster Meeting 14:00, Dec 13, 2013 Shelter Cluster Philippines

Cebu - Shelter Cluster Meeting 14:00, Dec 13, 2013 Shelter Cluster Philippines ShelterCluster.org Coordinating Humanitarian Shelter Agenda 1. Introductions - Last meeting's minutes review 2. Shelter Cluster update - Strategic Response Plan

375 views • 21 slides

More recommend