| dc.identifier.uri | http://hdl.handle.net/11401/77233 | |
| dc.description.sponsorship | This work is sponsored by the Stony Brook University Graduate School in compliance with the requirements for completion of degree. | en_US |
| dc.format | Monograph | |
| dc.format.medium | Electronic Resource | en_US |
| dc.language.iso | en_US | |
| dc.publisher | The Graduate School, Stony Brook University: Stony Brook, NY. | |
| dc.type | Thesis | |
| dcterms.abstract | Models of Internet routing are critical for studies of Internet security, reliability and evolution, which often rely on simulations of the Internet’s routing system. Accurate models are difficult to build and suffer from a dearth of ground truth data, as ISPs often treat their connectivity and routing policies as trade secrets. In this environment, researchers rely on a number of simplifying assumptions and models proposed over a decade ago, which are widely criticized for their inability to capture routing policies employed in practice. This thesis makes the following two contributions: ◠Investigating Interdomain Routing Policies. First we put Internet topologies and models under the microscope to understand where they fail to capture real routing behavior. We measure data plane paths from thousands of vantage points, located in eyeball networks around the globe, and find that between 14-35% of routing decisions are not explained by existing models. We then investigate these cases, and identify root causes such as selective prefix announcement, misclassification of undersea cables, and geographic constraints. Our work highlights the need for models that address such cases, and motivates the need for further investigation of evolving Internet connectivity. ◠Detecting BGP hijacks and interceptions We develop a system to detect BGP hijacks and interceptions in near real-time. When BGP was designed, the security challenges were not kept in mind. BGP lacks techniques like path validation and origin verification, as a result malicious ASes can advertises prefixes they do not own and can redirect the traffic to themselves. This is called BGP hijacking. Similarly, malicious ASes can partake man in the middle attack by routing traffic to the legitimate owner of the prefixes after redirecting first to themselves. This type of attack is called man in the middle attack. We develop a system to observe BGP announcements and updates in real time. We use combination of heuristics based on control plane and data plane (targeted traceroutes data) to separate malicious BGP announcements from legitimate announcements | |
| dcterms.available | 2017-09-20T16:52:15Z | |
| dcterms.contributor | Gill, Phillipa | en_US |
| dcterms.contributor | Das, Samir | en_US |
| dcterms.contributor | Polychronakis, Michalis. | en_US |
| dcterms.creator | Anwar, Ruwaifa | |
| dcterms.dateAccepted | 2017-09-20T16:52:15Z | |
| dcterms.dateSubmitted | 2017-09-20T16:52:15Z | |
| dcterms.description | Department of Computer Science | en_US |
| dcterms.extent | 44 pg. | en_US |
| dcterms.format | Application/PDF | en_US |
| dcterms.format | Monograph | |
| dcterms.identifier | http://hdl.handle.net/11401/77233 | |
| dcterms.issued | 2016-12-01 | |
| dcterms.language | en_US | |
| dcterms.provenance | Made available in DSpace on 2017-09-20T16:52:15Z (GMT). No. of bitstreams: 1
Anwar_grad.sunysb_0771M_13169.pdf: 1564655 bytes, checksum: 0b0ba9e8143c69cdacdc8fa2a8a381c4 (MD5)
Previous issue date: 1 | en |
| dcterms.publisher | The Graduate School, Stony Brook University: Stony Brook, NY. | |
| dcterms.subject | BGP, Internet monitoring, Networks, Routing, Security | |
| dcterms.subject | Computer science | |
| dcterms.title | Investigating Interdomain Routing in the Wild | |
| dcterms.type | Thesis | |
