Physical Sciences and Mathematics Commons^™

Matrix Profile Data Mining For Bgp Anomaly Detection, Ben A. Scott, Michael N. Johnstone, Patryk Szewczyk, Steven Richardson

Research outputs 2022 to 2026

The Border Gateway Protocol (BGP), acting as the communication protocol that binds the Internet, remains vulnerable despite Internet security advancements. This is not surprising, as the Internet was not designed to be resilient to cyber-attacks, therefore the detection of anomalous activity was not of prime importance to the Internet creators. Detection of BGP anomalies can potentially provide network operators with an early warning system to focus on protecting networks, systems, and infrastructure from significant impact, improve security posture and resilience, while ultimately contributing to a secure global Internet environment. In this paper, we present a novel technique for the detection …

Seedemu: The Seed Internet Emulator, Honghao Zeng

Theses - ALL

I studied and experimented with the idea of building an emulator for the Internet. While there are various already available options for such a task, none of them takes the emulation of the entire Internet as an important feature in mind. Those emulators and simulators can handle small-scale networks pretty well, but lacks the ability to handle large-size networks, mainly due to:

- Not being able to run many nodes, or requires very powerful hardware to do so,- Lacks convenient ways to build a large emulation, and - Lacks reusability: once something is built, it is very hard to re-use …

Interdomain Route Leak Mitigation: A Pragmatic Approach, Benjamin Tyler Mcdaniel

Doctoral Dissertations

The Internet has grown to support many vital functions, but it is not administered by any central authority. Rather, the many smaller networks that make up the Internet - called Autonomous Systems (ASes) - independently manage their own distinct host address space and routing policy. Routers at the borders between ASes exchange information about how to reach remote IP prefixes with neighboring networks over the control plane with the Border Gateway Protocol (BGP). This inter-AS communication connects hosts across AS boundaries to build the illusion of one large, unified global network - the Internet. Unfortunately, BGP is a dated protocol …

Leveraging Conventional Internet Routing Protocol Behavior To Defeat Ddos And Adverse Networking Conditions, Jared M. Smith

Doctoral Dissertations

The Internet is a cornerstone of modern society. Yet increasingly devastating attacks against the Internet threaten to undermine the Internet's success at connecting the unconnected. Of all the adversarial campaigns waged against the Internet and the organizations that rely on it, distributed denial of service, or DDoS, tops the list of the most volatile attacks. In recent years, DDoS attacks have been responsible for large swaths of the Internet blacking out, while other attacks have completely overwhelmed key Internet services and websites. Core to the Internet's functionality is the way in which traffic on the Internet gets from one destination …

Discrete Event Simulation-Based Performance Evaluation Of Internet Routing Protocols, Fati̇h Çeli̇k, Ahmet Zengi̇n, Bülent Çobanoğlu

Turkish Journal of Electrical Engineering and Computer Sciences

This paper presents a discrete event system specification (DEVS)-based comparative performance analysis between the open shortest path first (OSPF) protocol and the routing information protocol (RIP), together with the border gateway protocol (BGP), using DEVS-Suite. In order to evaluate the OSPF and RIP's scalability performance, several network models are designed and configured with the OSPF and RIP, in combination with the BGP. Evaluations of the proposed routing protocols are performed based on the metrics, such as the execution time, convergence time, turnaround time, throughput, and efficiency across an increasing size and complexity through the simulated network models. The evaluation results …

Reactive Routing In Hidra Networks, Scott Michael Marshall

Computer Engineering

In recent years, the Internet has grown so large that the future scalability of the Internet has become a major concern. The two primary scalability concerns are the size of the forwarding table and the ability for BGP to converge while distributing hundreds of thousands of routes.

HIDRA is a new Internet routing architecture that is backwards-compatible with existing routing technologies and protocols that focuses on feasibility-of-implementation. HIDRA remedies the first Internet scalability concern by proposing a means to reduce the number of entries in the default-free zone (DFZ) forwarding table.

This project extends HIDRA by designing a complete reactive …

A Neural Network Approach To Border Gateway Protocol Peer Failure Detection And Prediction, Cory B. White

Master's Theses

The size and speed of computer networks continue to expand at a rapid pace, as do the corresponding errors, failures, and faults inherent within such extensive networks. This thesis introduces a novel approach to interface Border Gateway Protocol (BGP) computer networks with neural networks to learn the precursor connectivity patterns that emerge prior to a node failure. Details of the design and construction of a framework that utilizes neural networks to learn and monitor BGP connection states as a means of detecting and predicting BGP peer node failure are presented. Moreover, this framework is used to monitor a BGP network …

On Inferring And Characterizing Internet Routing Policies, Feng Wang

Computer Science Department Faculty Publication Series

Border Gateway Protocol allows Autonomous Systems (ASs) to apply diverse routing policies for selecting routes and for propagating reachability information to other ASs. Although a significant number of studies have been focused on the Internet topology, little is known about what routing policies network operators employ to configure their networks. In this paper, we infer and characterize routing policies employed in the Internet. We find that routes learned from customers are preferred over those from peers and providers, and those from peers are typically preferred over those from providers. We present an algorithm for inferring and characterizing export policies. We …