interdomain routing decisions
play

Interdomain Routing Decisions Mingchen Zhao * Wenchao Zhou * - PowerPoint PPT Presentation

Oct 04, 2023 •189 likes •647 views

Private and Verifiable Interdomain Routing Decisions Mingchen Zhao * Wenchao Zhou * Alexander Gurney * Andreas Haeberlen * Micah Sherr + Boon Thau Loo * * University of Pennsylvania + Georgetown University 1 SIGCOMM 2012 (August 16, 2012)

  1. Private and Verifiable Interdomain Routing Decisions Mingchen Zhao * Wenchao Zhou * Alexander Gurney * Andreas Haeberlen * Micah Sherr + Boon Thau Loo * * University of Pennsylvania + Georgetown University 1 SIGCOMM 2012 (August 16, 2012)

  2. SIGCOMM 2012 (August 16, 2012)

  3. SIGCOMM 2012 (August 16, 2012)

  4. SIGCOMM 2012 (August 16, 2012)

  5. SIGCOMM 2012 (August 16, 2012)

  6. SIGCOMM 2012 (August 16, 2012)

  7. SIGCOMM 2012 (August 16, 2012)

  8. SIGCOMM 2012 (August 16, 2012)

  9. SIGCOMM 2012 (August 16, 2012)

  10. SIGCOMM 2012 (August 16, 2012)

  11. SIGCOMM 2012 (August 16, 2012)

  12. SIGCOMM 2012 (August 16, 2012)

  13. Challenge: Privacy Charlie Bob (3+1) hop 5 hop Doris Alice Eliot I do not want to reveal all my routes to Alice! 13 SIGCOMM 2012 (August 16, 2012)

  14. Can we have our cake and eat it too? Privacy Security Security S-BGP, soBGP, psBGP, NetReview , … 14 SIGCOMM 2012 (August 16, 2012)

  15. Goals Security: If Bob breaks his promise, Alice • will detect it. Privacy: Verification does not reveal more • information than BGP. Evidence: If Bob breaks his promise, Alice • can prove it. Accuracy: If Bob does not break his • promise, nobody can prove he did. 15 SIGCOMM 2012 (August 16, 2012)

  16. SIGCOMM 2012 (August 16, 2012)

  17. SIGCOMM 2012 (August 16, 2012)

  18. SIGCOMM 2012 (August 16, 2012)

  19. Outline • Motivation • Goal: Verify promises about routing decisions • Challenge: Privacy • The SPIDeR system • Evaluation • Summary 19 SIGCOMM 2012 (August 16, 2012)

  20. SIGCOMM 2012 (August 16, 2012)

  21. SIGCOMM 2012 (August 16, 2012)

  22. SIGCOMM 2012 (August 16, 2012)

  23. SIGCOMM 2012 (August 16, 2012)

  24. SIGCOMM 2012 (August 16, 2012)

  25. Background: Merkle Hash Tree • Merkle Tree Path to the root Commitment Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash b 1 b 2 b 3 b 2 b 4 Proof that the second value is b 2 Values Reveals nothing about b 1 , b 3 , b 4 ! 25 SIGCOMM 2012 (August 16, 2012)

  26. SIGCOMM 2012 (August 16, 2012)

  27. SIGCOMM 2012 (August 16, 2012)

  28. SIGCOMM 2012 (August 16, 2012)

  29. SIGCOMM 2012 (August 16, 2012)

  30. SIGCOMM 2012 (August 16, 2012)

  31. SIGCOMM 2012 (August 16, 2012)

  32. SIGCOMM 2012 (August 16, 2012)

  33. SIGCOMM 2012 (August 16, 2012)

  34. SIGCOMM 2012 (August 16, 2012)

  35. SIGCOMM 2012 (August 16, 2012)

  36. Making SPIDeR practical So far: We can verify promises about a single • prefix and a single decision • We have a protocol • It meets all four goals • We proved the correctness (in a TR) • Guarantees hold even if an AS is malicious Practical issues • Multiple prefixes , temporal privacy, loose • synchronization, logging system, withdrawals, incremental deployment Loose synchronization, Logging sys 36 SIGCOMM 2012 (August 16, 2012)

  37. Multi-Prefix: Additional Challenges • 37 SIGCOMM 2012 (August 16, 2012)

  38. SIGCOMM 2012 (August 16, 2012)

  39. SIGCOMM 2012 (August 16, 2012)

  40. Outline • Motivation • The SPIDeR system • Single prefix • Practical Challenges • Evaluation • Functionality check • Microbenchmarks • Overhead • Summary 40 SIGCOMM 2012 (August 16, 2012)

  41. Evaluation: Microbenchmarks An important metric is how fast we can • make hash trees. • How quickly can we capture transient routing configuration problems? Experiment: generate a tree for a full BGP • routing table on Dell PowerEdge 860. • Result: 17.4s (with three cores) • Scales almost linearly with the number of cores 41 SIGCOMM 2012 (August 16, 2012)

  42. Evaluation: Experimental Overhead Data Collected Small AS topology with Quagga routers • Injected a RouteViews trace • AS 5’s SPIDeR ran on a single machine • 42 SIGCOMM 2012 (August 16, 2012)

  43. Evaluation: Overhead Computation • • 2.4 GHz core: 81.3% utilized • Commodity workstation is sufficient Bandwidth • • Signatures etc.: 20.8kbps • Verifying 1% of commitments per minute: 3.0Mbps • On the order of a single DSL upstream link Storage • • Keeping 1 year’s worth of logs: 145.7GB • Fits on a commodity hard drive 43 SIGCOMM 2012 (August 16, 2012)

  44. Evaluation: Overhead Computation • • 2.4 GHz core: 81.3% utilized • Commodity workstation is sufficient Bandwidth • • A small AS could run SPIDeR on a single • Signatures etc.: 20.8kbps machine • Verifying 1% of commitments per minute: 3.0Mbps • On the order of a single DSL upstream link Storage • • Keeping 1 year’s worth of logs: 145.7GB • Fits on a commodity hard drive 44 SIGCOMM 2012 (August 16, 2012)

  45. Summary • Goal: Verify promises about interdomain routing decisions • Problem: Offer both security and privacy • Solution: Collaborative verification • Implemented in the SPIDeR system • Provable security and privacy guarantees • Efficient enough to run on a single commodity workstation More information: http://snp.cis.upenn.edu/ 45 SIGCOMM 2012 (August 16, 2012)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research & Boston University y Michael Schapira

701 views • 54 slides
Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business relationships between ASes Interdomain routing using BGP Advertisements Routing policy Integration with intradomain routing Routing

748 views • 37 slides
IP Routing: Interdomain CS/ECE 438: Spring 2014 Instructor: Matthew Caesar

IP Routing: Interdomain CS/ECE 438: Spring 2014 Instructor: Matthew Caesar

IP Routing: Interdomain CS/ECE 438: Spring 2014 Instructor: Matthew Caesar http://courses.engr.illinois.edu/cs438/ Internet Routing So far, only considered routing within a domain Many issues can be ignored in this setting because

1.25k views • 75 slides
Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We

Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We

Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We present a game-theoretic model that captures many of the intricacies of interdomain routing in todays Internet. In this model, the strategic agents are

429 views • 17 slides
CSE 461 Section 7 5/18/2017 JOHN ABERCROMBIE The interdomain routing problem Each AS determines

CSE 461 Section 7 5/18/2017 JOHN ABERCROMBIE The interdomain routing problem Each AS determines

CSE 461 Section 7 5/18/2017 JOHN ABERCROMBIE The interdomain routing problem Each AS determines its own routing policies One AS only wants to send and receive packets from the internet One AS can carry transit traffic for others if you

416 views • 15 slides
Lecture 14: Interdomain Routing CSE 123: Computer Networks Chris Kanich Quiz 2 now; Prj. 2 due

Lecture 14: Interdomain Routing CSE 123: Computer Networks Chris Kanich Quiz 2 now; Prj. 2 due

Lecture 14: Interdomain Routing CSE 123: Computer Networks Chris Kanich Quiz 2 now; Prj. 2 due Monday Lecture 14 Overview Autonomous Systems Each network on the Internet has its own goals Path-vector Routing Allows scalable, informed

229 views • 12 slides
Interdomain Routing Two types of Routing Intradomain routing Security Accomplished via

Interdomain Routing Two types of Routing Intradomain routing Security Accomplished via

253 views • 10 slides
Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from

Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from

Static Analysis of Decoupling The Game-Theoretic Approach Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from Signaling Aaron D. Jaggard DIMACS Rutgers University Joint work with Vijay Ramachandran

729 views • 38 slides
CIDR: Classless Interdomain Routing Surasak Sanguanpong nguan@ku.ac.th

CIDR: Classless Interdomain Routing Surasak Sanguanpong nguan@ku.ac.th

1/10 CIDR: Classless Interdomain Routing Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: July 9, 2002 Applied Network Research Group Department of Computer Engineering, Kasetsart

448 views • 6 slides
Toward Programmable Interdomain Routing Qiao Xiang 1 , J. Jensen Zhang 1, 2 , Franck Le 3 , Y.

Toward Programmable Interdomain Routing Qiao Xiang 1 , J. Jensen Zhang 1, 2 , Franck Le 3 , Y.

Toward Programmable Interdomain Routing Qiao Xiang 1 , J. Jensen Zhang 1, 2 , Franck Le 3 , Y. Richard Yang 4, 1 1 Yale University, 2 Tongji University, 3 IBM T.J. Watson Research Center, 4 Peng Cheng Laboratory, 07/30/2020, ACM/IRTF ANRW'20

692 views • 42 slides
Models and Tools for the High-Level Simulation of a Name-Based Interdomain Routing Architecture

Models and Tools for the High-Level Simulation of a Name-Based Interdomain Routing Architecture

I NTRODUCTION P ROBLEM A PPLICATION -D RIVEN H IGH -L EVEL S IMULATION S IMULATION C OMPONENTS R ESULTS Models and Tools for the High-Level Simulation of a Name-Based Interdomain Routing Architecture Kari Visala, Andrew Keating Helsinki

236 views • 20 slides
Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David

Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David

Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 , Italo Cunha 3 , Phillipa Gill 1 , Ethan Katz-Bassett 4 1 Stony Brook University, 2 Northeastern University, 3 Universidade Federal de Minas

426 views • 3 slides
Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 ,

Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 ,

Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 , Italo Cunha 3 , Phillipa Gill 1 , Ethan Katz-Bassett 4 1 Stony Brook University, 2 Northeastern University, 3 Universidade Federal de Minas

363 views • 11 slides
External Routing External Routing BGP JeanYves Le Boudec Fall 2009 Self Organization 1 1

External Routing External Routing BGP JeanYves Le Boudec Fall 2009 Self Organization 1 1

COLE POLYTECHNIQUE FDRALE DE LAUSANNE External Routing External Routing BGP JeanYves Le Boudec Fall 2009 Self Organization 1 1 Contents A. What InterDomain Routing does 1 1. Inter Domain Routing Inter Domain Routing 2.

1.3k views • 91 slides
SCION: A Secure Multipath Interdomain Routing Architecture Adrian Perrig Network Security Group,

SCION: A Secure Multipath Interdomain Routing Architecture Adrian Perrig Network Security Group,

SCION: A Secure Multipath Interdomain Routing Architecture Adrian Perrig Network Security Group, ETH Zrich SCION: Next-generation Internet Architecture Path-aware networking: sender knows packets path Enables geo-fencing

497 views • 33 slides
The Stable Paths Problem and Interdomain Routing Rachit Agarwal Results are by others, any errors

The Stable Paths Problem and Interdomain Routing Rachit Agarwal Results are by others, any errors

Problem Formulation A Sufficient Condition for Stability Food for thought! The Stable Paths Problem and Interdomain Routing Rachit Agarwal Results are by others, any errors are by me! Rachit Agarwal The Stable Paths Problem Problem

1.08k views • 75 slides
MOL2NET, 2018 , 4, http://sciforum.net/conference/mol2net-04 2 Materials and Methods The scene

MOL2NET, 2018 , 4, http://sciforum.net/conference/mol2net-04 2 Materials and Methods The scene

MOL2NET, 2018 , 4, http://sciforum.net/conference/mol2net-04 1 MOL2NET, International Conference Series on Multidisciplinary Sciences MDPI Physics investigates: Is Spider-Man a killer for lack of physical knowledge? Andr Luiz Carvalhaes,

269 views • 4 slides
Picturing Quantum Processes Aleks Kissinger and Bob Coecke Radboud University and Oxford University

Picturing Quantum Processes Aleks Kissinger and Bob Coecke Radboud University and Oxford University

Picturing Quantum Processes Aleks Kissinger and Bob Coecke Radboud University and Oxford University ESSLLI Toulouse 2017 Kissinger & Coecke Picturing Quantum Processes ESSLLI Toulouse 2017 1 / 40 www.cambridge.org/pqp 20% discount @ CUP

745 views • 57 slides
S P I D E R J o a c h I m F r a n k SPIDER is a command-driven application written

S P I D E R J o a c h I m F r a n k SPIDER is a command-driven application written

S P I D E R J o a c h I m F r a n k SPIDER is a command-driven application written predominantly in FORTRAN 90. Available for Linux, Irix, and AIX. More than 80 suites of operations (with a total of more than 450 operations)

168 views • 14 slides
How to estimate a density on a spider web ? Dominique Picard How to estimate a density on a

How to estimate a density on a spider web ? Dominique Picard How to estimate a density on a

How to estimate a density on a spider web ? How to estimate a density on a spider web ? Dominique Picard How to estimate a density on a spider web ? 2020 1 / 37 Spider web from exhibition On Air Tomas Saraceno spider web spider web Spider

753 views • 40 slides
Eremenkos conjecture in complex dynamics Gwyneth Stallard Joint work with Phil Rippon The

Eremenkos conjecture in complex dynamics Gwyneth Stallard Joint work with Phil Rippon The

Eremenkos conjecture in complex dynamics Gwyneth Stallard Joint work with Phil Rippon The Open University New Developments in Complex Analysis and Function Theory July 2018 Basic definitions Definition The Fatou set (or stable set) is F (

627 views • 51 slides
and preparing for flood emergency response Shirish Ravan United Nations Office for Outer Space

and preparing for flood emergency response Shirish Ravan United Nations Office for Outer Space

Bridging Science with Governance through the UN-SPIDER for flood risk management and preparing for flood emergency response Shirish Ravan United Nations Office for Outer Space Affairs United Nations Offices at Vienna www.unoosa.org United

888 views • 31 slides
Important separators and parameterized algorithms Dniel Marx Humboldt-Universitt zu Berlin,

Important separators and parameterized algorithms Dniel Marx Humboldt-Universitt zu Berlin,

Important separators and parameterized algorithms Dniel Marx Humboldt-Universitt zu Berlin, Germany Methods for Discrete Structures February 7, 2011 Important separators and parameterized algorithms p.1/27 Overview Main message: Small

993 views • 77 slides
Cantor bouquets in spiders webs Yannis Dourekas October 2, 2017 Universitat de Barcelona

Cantor bouquets in spiders webs Yannis Dourekas October 2, 2017 Universitat de Barcelona

Cantor bouquets in spiders webs Yannis Dourekas October 2, 2017 Universitat de Barcelona Basic defjnitions neighbourhood where the family of iterates is equicontinuous. infjnity under iteration. to infjnity as fast as possible: The

487 views • 11 slides

More recommend