mapping the dutch critical infrastructure
play

Mapping the Dutch Critical Infrastructure Razvan C. Oprea Fahime - PowerPoint PPT Presentation

Nov 25, 2022 •145 likes •392 views

Mapping the Dutch Critical Infrastructure Razvan C. Oprea Fahime Alizade Supervised by Benno Overeinder Wednesday, July 3, 13 The initial question Critical infrastructure sectors What is the network level representation of the critical

  1. Mapping the Dutch Critical Infrastructure Razvan C. Oprea Fahime Alizade Supervised by Benno Overeinder Wednesday, July 3, 13

  2. The initial question Critical infrastructure sectors What is the network level representation of the critical infrastructure? 2 of 25 Wednesday, July 3, 13

  3. Previous research Publicly accessible related research papers are scarce PAM2012: " Exposing a Nation-Centric View on the German Internet – A Change in Perspective on AS-Level " The research started from prefixes and discovered Autonomous Systems Numbers (ASNs) using RIPE database, Team Cymru and RIPE RIS The AS interconnections were discovered using BGP dumps 3 of 25 Wednesday, July 3, 13

  4. Research Questions Can we discover and map the Internet entities corresponding to the Dutch national critical infrastructure with a sufficient degree of confidence? Our hypothesis is that the answer to the above question is affirmative Subquestions: What are the authoritative sources of information? What is the resilience of Dutch critical infrastructure? 4 of 25 Wednesday, July 3, 13

  5. Methodology We have no idea on organizations’ physical connections to the Internet, but we are interested in the logical IP topology: - we work at an AS level - we use two methods for discovering relevant ASNs 1 Bottom-up discovery approach We discover the “Dutch” ASNs, then we identify organizations in critical sectors 2 Top-down approach Starting from organizations in critical sectors, we identify the corresponding ASNs 3 Analysis and visualization We combine the results of the two approaches, find interconnections and build graphs 5 of 25 Wednesday, July 3, 13

  6. Bottom-up Approach We use the ASN allocation list published by the RIPE NCC We select the ASNs allocated to organizations registered in NL or EU Every EU ASN is queried in the RIPE WHOIS database to select NL registrations (address or description fields) We select the organizations in the critical infrastructure sectors (domain name, KvK) 6 of 25 Wednesday, July 3, 13

  7. Bottom-up Approach (contd.) Limitations Observations We do not know if all the ASNs of 727 ASNs allocated to Dutch an organization relate to critical organizations infrastructure We have limited information on 335 ASNs relate to the critical organization structure and infrastructure sectors ownership (Virtual ASNs) The number of “Dutch” ASNs 265 ASNs relate to the Internet in the Internet sector is infrastructure sector disproportionately high We decided to keep ISPs, Data Centers, Internet Exchange Points 7 of 25 Wednesday, July 3, 13

  8. Top-Down Approach We search for well-known entities in each critical sector We find the organization name (KvK) and their domain We search for the IP addresses corresponding to their A, AAAA and MX records We use RIPEstat to find the prefix it is part of and the originating ASN (the “proxy” AS) 8 of 25 Wednesday, July 3, 13

  9. Top-Down Approach (contd.) Limitations Observations We decided early on to use only We tried to have at least few public information samples from every sector Complete mapping of critical In total, we hand-picked 147 sector industries requires organizations part of the Dutch specialized knowledge (think critical infrastructure food chain supply) Backup and private links are not visible 9 of 25 Wednesday, July 3, 13

  10. Data analysis We combine the result of the two approaches and obtain a “master” ASNs list. The inter-AS relationships is visible in BGP dumps, but it’s better to have multiple viewpoints for accuracy RIPE RIS, RouteViews, Route Servers, Looking Glasses all offer multi-views on the BGP links traceroute is not a viable option since the IP address space used by organizations is privileged information We considered the aggregated data offered by UCLA IRL, CAIDA and University of Washington and we ultimately chose UCLA 10 of 25 Wednesday, July 3, 13

  11. Data analysis (contd.) Many nodes (ASNs) are abroad The initial graphs show many disconnected nodes Which ASNs to include to show relevant links? We choose to include the providers of the native and proxy ASNs We then built the full mash of the AS and provider list based on UCLA data 11 of 25 Wednesday, July 3, 13

  12. Visualization Methods To display and present high number of AS numbers and their relations, HTML canvas , Javascript and jQuery are chosen. We need an interactive presentation of graph to zoom-in and to see labels. Different Javascript libraries are taken into account: D3.js , Sigma.js 12 of 25 Wednesday, July 3, 13

  13. D3.js Data Driven Documents We formatted our dataset in two Json files: Nodes and Links [ Node positioning: Force Layout { “as”: “286”, “company”: “Brabant Water”, “sector”: “C1”, “input”: [“proxy”, By modifying links constraints the layout {“record”: “A”, finds the best-fitted position for each node. “company”: “KPN”, “country”: “NL”}] } ] 13 of 25 Wednesday, July 3, 13

  14. Sigma.js We chose Sigma.js , which is an open source Javascript library. We could parse Json files using jQuery In contrast to D3.js, positioning layouts are not provided. Nodes with the higher degree are put in inner levels. 14 of 25 Wednesday, July 3, 13

  15. Visualization and conclusions Energy Sector - no providers Foreign ASNs Dutch ASNs 15 of 25 Wednesday, July 3, 13

  16. Visualization and conclusions (contd.) Energy Sector - with providers Foreign ASNs Dutch ASNs 16 of 25 Wednesday, July 3, 13

  17. Visualization and conclusions (contd.) Food Sector - with providers Foreign ASNs Dutch ASNs 17 of 25 Wednesday, July 3, 13

  18. Observations 1 Related companies/industries choose sometimes the same providers: NS and ProRail (BT), Royal Dutch Shell, Gasunie and Argos Energies (Microsoft Corp.) Some organizations have their own ASN, but they still outsource 2 their email and website hosting ( Alliander ). The biggest providers (mail) are MessageLabs (UK & US), KPN , 3 Microsoft , Tele2 Nederland and Ziggo . 18 of 25 Wednesday, July 3, 13

  19. Observations (contd.) What do ABN AMRO , Triodos Bank , AkzoNobel , GGD have in 4 common: all their mails come through the same provider: MessageLabs Ltd., UK Nine other companies in the critical sectors use the services of MessageLabs Inc., US In fact, MessageLabs (a division of Symantec Corp.) is the single 5 biggest messaging provider in our list 19 of 25 Wednesday, July 3, 13

  20. Observations (contd.) Sector Dutch Provider Foreign Provider Top 1 Foreign Provider Energy 56% 44% Microsoft Corp. ,US ICT 96% 4% Websense hosted, UK Drinking water 61% 39% MessageLabs Inc., US Food 63% 37% There is no biggest one! Health 75% 25% MessageLabs Ltd. ,UK Finance 81% 9% MessageLabs Ltd. ,UK Surface water 57% (no Native) 43% Microsoft Corp. ,US Public order 92% 8% ClaraNET Ltd. ,UK Legal order 67% 33% BT PLC, UK Public 74% 26% MessageLabs Ltd., UK administration Transport 61% 39% BT PLC, UK Chemical 36% 64% MessageLabs Inc., US industry Table 1. Distribution of Mail providers in each sector 20 of 25 Wednesday, July 3, 13

  21. Observations (Dutch government) Dutch ministries accessible through two umbrella domains: 1 - government.nl - A (Prolocation, NL), MX (MessageLabs, UK and MessageLabs, US) - rijksoverheid.nl - A (Prolocation B.V., NL), MX (KPN, NL) 2 Courts of Justice accessible through one umbrella domain: - rechtspraak.nl - A (ASP4ALL Hosting, NL), MX (Tele 2 Nederland, NL) 3 Ministry of Defense website is accessible via the rijksoverheid.nl domain However, military branches (like infantry, marine, aviation) use their own infrastructure (domain and AS) 21 of 25 Wednesday, July 3, 13

  22. Conclusions We do not see physical, private and back-up links. We could discover the representative Dutch critical infrastructure organizations using the two discovery methods (bottom-up and top-down). The discovered organizations were verified manually one-by-one so we have a high degree of confidence. A more comprehensive list of organizations can only be obtained with specialized and preferably privileged information. 22 of 25 Wednesday, July 3, 13

  23. Conclusions (contd.) Many critical infrastructure organizations have reliable connections to the Internet, but rely a lot on foreign providers for their communication needs It is worth discussing the security and privacy implications of having email and websites hosted with entities from outside the EU We do not see that critical infrastructure organizations regard their network infrastructure as being of national critical importance 23 of 25 Wednesday, July 3, 13

  24. Any questions? Thank you for your attention! 24 of 25 Wednesday, July 3, 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A proactive and collaborative DDoS mitigation strategy for the Dutch critical infrastructure

A proactive and collaborative DDoS mitigation strategy for the Dutch critical infrastructure

A proactive and collaborative DDoS mitigation strategy for the Dutch critical infrastructure Cristian Hesselman 1 , Jeroen van der Ham 2 , Roland van Rijswijk 3 , Jair Santanna 2 , Aiko Pras 2 1) SIDN Labs, 2) University of Twente, 3) SURFnet

463 views • 10 slides
MOST PROJECT MAPPING MOBILITY THROUGH 17 TH CENTURY DUTCH FOR RMOSA HISTORICAL WRITINGS: GIS ON

MOST PROJECT MAPPING MOBILITY THROUGH 17 TH CENTURY DUTCH FOR RMOSA HISTORICAL WRITINGS: GIS ON

MOST PROJECT MAPPING MOBILITY THROUGH 17 TH CENTURY DUTCH FOR RMOSA HISTORICAL WRITINGS: GIS ON 17TH CENTURY DUTCH TEXTUAL INFORMATION IN TAIWAN: A S CENTURY DUTCH TEXTUAL INFORMATION IN TAIWAN: A S SPATIOTEMPORAL MAPPING OF THE REGION

704 views • 25 slides
Building a Dutch National Research Infrastructure IRODS UGM 2017 Frank Heere 15-06-2017 SURF:

Building a Dutch National Research Infrastructure IRODS UGM 2017 Frank Heere 15-06-2017 SURF:

Building a Dutch National Research Infrastructure IRODS UGM 2017 Frank Heere 15-06-2017 SURF: who are we? Not-for-profit cooperative for ICT in Dutch education and research Knowledge sharing Shared digital infrastructures and services

550 views • 18 slides
Big data in critical infrastructure: Production and failover infrastructure in DWD's central data

Big data in critical infrastructure: Production and failover infrastructure in DWD's central data

Big data in critical infrastructure: Production and failover infrastructure in DWD's central data management Daniel Lee, German Weather Service (DWD) TI12b Sep. 2015 Agenda 1. DWD's goals 2. Operational systems 3. Technical

556 views • 52 slides
Application of BIM and GIS for Dutch Infrastructure assets. together with a contractor Daan

Application of BIM and GIS for Dutch Infrastructure assets. together with a contractor Daan

Application of BIM and GIS for Dutch Infrastructure assets. together with a contractor Daan Alsem projectmanager Royal HaskoningDHV GeoBIM Amsterdam november 24th, 2016 The project: Rebuilding of the junction Joure, NL Junction Joure Hamburg

316 views • 28 slides
Broadband Infrastructure is Critical Infrastructure Jeff Sobotka VP & State Broadband

Broadband Infrastructure is Critical Infrastructure Jeff Sobotka VP & State Broadband

Broadband Infrastructure is Critical Infrastructure Jeff Sobotka VP & State Broadband Director Definition: Broadband is defined as networks of deployed telecommunications equipment and technologies necessary to provide high-speed

268 views • 15 slides
The Dutch National e-Infrastructure Jeff Templon, Nikhef Jan

The Dutch National e-Infrastructure Jeff Templon, Nikhef Jan

The Dutch National e-Infrastructure Jeff Templon, Nikhef Jan Bot, SURFsara 2016.03.17 J.A. Templon, ISGC 2016, Taipei A long road went before this I skip most of

565 views • 25 slides
ATUs Advances in In-Pipe Sensing - From Inspection to Mapping of Water Infrastructure Tony

ATUs Advances in In-Pipe Sensing - From Inspection to Mapping of Water Infrastructure Tony

ATUs Advances in In-Pipe Sensing - From Inspection to Mapping of Water Infrastructure Tony Dodd Water Infrastructure Problems Ageing and deteriorating pipe infrastructure Dont know where it is Increasing failure rates Huge cost of

634 views • 16 slides
Dutch Relief Alliance (DRA) The Dutch Relief Alliance is a coalition of 16 Dutch humanitarian

Dutch Relief Alliance (DRA) The Dutch Relief Alliance is a coalition of 16 Dutch humanitarian

Dutch Relief Alliance (DRA) The Dutch Relief Alliance is a coalition of 16 Dutch humanitarian NGOs established in 2015 and funded by the Netherlands Ministry of Foreign Affairs. The structure of the DRA allows for the rapid delivery of

690 views • 15 slides
Infrastructure critical to growth, but continent hampered by limited stocks and high costs

Infrastructure critical to growth, but continent hampered by limited stocks and high costs

Infrastructure critical to growth, but continent hampered by limited stocks and high costs Infrastructure contributed about one percentage point of Africas recent growth spurt Improving all countries infrastructure to level of Mauritius

624 views • 34 slides
Using Argument Mapping to Teach Critical Thinking Across the Curriculum Todd Huspeni

Using Argument Mapping to Teach Critical Thinking Across the Curriculum Todd Huspeni

Using Argument Mapping to Teach Critical Thinking Across the Curriculum Todd Huspeni Associate Vice Chancellor of Teaching, Learning, and Strategic Planning, University of Wisconsin-Stevens Point (thuspeni@uwsp.edu) Dona Warren

612 views • 47 slides
Critical Information Infrastructure Protection (CIIP) National Knowledge Network (NKN) Annual

Critical Information Infrastructure Protection (CIIP) National Knowledge Network (NKN) Annual

Critical Information Infrastructure Protection (CIIP) National Knowledge Network (NKN) Annual workshop 17 - 19 Oct 2013, IISc, Bangalore Presentation Outline Government Cyber Security Architecture CII Overview & Definitions Critical

517 views • 20 slides
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 Improving Critical Infrastructure Cybersecurity Kevin Stine National Institute of Standards and Technology Executive Order 13636:

128 views • 11 slides
Reaching Your Audiences National Housing Conference Spring 2019 Stakeholder Mapping Is The

Reaching Your Audiences National Housing Conference Spring 2019 Stakeholder Mapping Is The

Reaching Your Audiences National Housing Conference Spring 2019 Stakeholder Mapping Is The Critical First Step Prior To Conducting A Digital Campaign Illustrative Mapping Stakeholder Mapping Government Media Until you identify key

104 views • 8 slides
developments in the Netherlands Investment briefing: The Dutch residential market Dutch embassy

developments in the Netherlands Investment briefing: The Dutch residential market Dutch embassy

Macroeconomic developments in the Netherlands Investment briefing: The Dutch residential market Dutch embassy in London Wim Suyker 22 January 2014 CPB Netherlands Bureau for Economic Policy Analysis Content presentation The Dutch

1.08k views • 38 slides
The cybersecurity dimension of critical [energy] infrastructure it appears that someone found

The cybersecurity dimension of critical [energy] infrastructure it appears that someone found

The cybersecurity dimension of critical [energy] infrastructure it appears that someone found remote access and started tripping breakers. - Scadasec commentator 2015-12-26 Vytautas Butrimas Views expressed in this presentation

376 views • 15 slides
Fault-Channel Watermarks Peter Samarin 1 , 2 , Alexander Skripnik 1 , and Kerstin Lemke-Rust 1

Fault-Channel Watermarks Peter Samarin 1 , 2 , Alexander Skripnik 1 , and Kerstin Lemke-Rust 1

Fault-Channel Watermarks Peter Samarin 1 , 2 , Alexander Skripnik 1 , and Kerstin Lemke-Rust 1 Bonn-Rhein-Sieg University of Applied Sciences 1 Ruhr-Universitt Bochum 2 Germany 27 September 2016 Bonn-Rhein-Sieg University of Applied Sciences

310 views • 14 slides
Detecting Similar Code Segments through Side Channel Leakage in Microcontrollers Peter Samarin 1 ,

Detecting Similar Code Segments through Side Channel Leakage in Microcontrollers Peter Samarin 1 ,

Detecting Similar Code Segments through Side Channel Leakage in Microcontrollers Peter Samarin 1 , 2 and Kerstin Lemke-Rust 1 Bonn-Rhein-Sieg University of Applied Sciences 1 Ruhr-Universitt Bochum 2 Germany November 29, 2017 Bonn-Rhein-Sieg

464 views • 33 slides
Binary Program Analysis: Theory and Practice (what you code is not what you execute) Emmanuel

Binary Program Analysis: Theory and Practice (what you code is not what you execute) Emmanuel

Binary Program Analysis: Theory and Practice (what you code is not what you execute) Emmanuel Fleury <emmanuel.fleury@labri.fr> Joint work with: Grald Point <gerald.point@labri.fr> , Aymeric Vincent <aymeric.vincent@labri.fr>

924 views • 91 slides
MEDIA SKILLS WORKSHOP SECTION 1: MEDIA INTRODUCTION OVERVIEW: SECTION 1 Tactics: Bridging,

MEDIA SKILLS WORKSHOP SECTION 1: MEDIA INTRODUCTION OVERVIEW: SECTION 1 Tactics: Bridging,

CIGI MEDIA SKILLS WORKSHOP SECTION 1: MEDIA INTRODUCTION OVERVIEW: SECTION 1 Tactics: Bridging, Hooking, Flagging, Touch and Go Ten tips DOs and DONTs General Interview Tips - Before, During, and After Final Thoughts THE

733 views • 57 slides
Mathematical Discourse Math Department Objectives Participants will: Understand what

Mathematical Discourse Math Department Objectives Participants will: Understand what

Mathematical Discourse Math Department Objectives Participants will: Understand what mathematical discourse is. Understand how to incorporate mathematical discourse in daily lessons. What Questions Did You Ask Today? Lets go to

276 views • 13 slides
Quality of Discourse: An Advocates perspective Milkah Kihunah, CARE USA Presentation at the

Quality of Discourse: An Advocates perspective Milkah Kihunah, CARE USA Presentation at the

A pilot project measuring the Quality of Discourse: An Advocates perspective Milkah Kihunah, CARE USA Presentation at the American Evaluation Association Conference, Nov 11 2015 OUTLINE What? Policy and Advocacy context Why?

479 views • 11 slides
UNDERSTANDING LANGUAGE/ STANFORD CENTER FOR ASSESSMENT, LEARNING, AND EQUITY Stanford University

UNDERSTANDING LANGUAGE/ STANFORD CENTER FOR ASSESSMENT, LEARNING, AND EQUITY Stanford University

Understanding Language/ SCALE Stanford Graduate School of Education UNDERSTANDING LANGUAGE/ STANFORD CENTER FOR ASSESSMENT, LEARNING, AND EQUITY Stanford University Graduate School of Education Principles for the Design of Mathematics

507 views • 21 slides
English Learners in Middle School Multilingual Multicultural Education Department Ivette Munoz

English Learners in Middle School Multilingual Multicultural Education Department Ivette Munoz

English Learners in Middle School Multilingual Multicultural Education Department Ivette Munoz Secondary English Learner Instruction Specialist Welcome Please introduce yourself Name Work location Position 1. English Learners (ELs) are

303 views • 27 slides

More recommend