SaTC: CORE: Large: Collaborative: Investigating the Susceptibility of the Internet Topology to Country-level Connectivity Disruption and Manipulation

SaTC：核心：大型：协作：调查互联网拓扑对国家级连接中断和操纵的敏感性

• 批准号: 1705024
• 负责人: Alberto Dainotti
• 金额: $ 102.67万
• 依托单位: University of California-San Diego
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1705024&HistoricalAwards=false
• 关键词: SaTC; CORE; Large; Collaborative; Investigating

Malicious actors such as hackers, terrorists or nation-states can disrupt, intercept or manipulate the Internet traffic of entire countries or regions by targeting structural weaknesses of the Internet. Strategic physical locations exist in the Internet topology. Despite much recent interest and a large body of research on cyber-attack vectors and mechanisms, we lack rigorous tools to reason about how the Internet topology of a country or region exposes its critical communication infrastructure to compromise through targeted attacks. This project develops methodologies to identify potential topological weaknesses of the Internet infrastructure, especially from the perspective of an attacker, and to quantify the potential impact if attackers were to compromise these critical elements. The broader impacts of this project are substantial: understanding structural weaknesses in the Internet topology of countries or regions is of significant interest not just to the research and operational communities, but also to everyday Internet users and policy bodies. More generally, it will secure the critical Internet infrastructure on which our daily activities depend.This project is a two-phase project. In the first phase, the goal is identifying important components of the Internet topology of a country and region --- Autonomous Systems, Internet Exchange Points, colocation facilities, and physical cable systems that represent key locations of the Internet. The project will undertake a novel multi-layer mapping effort, developing measurement and analysis techniques to discover these components and the relationships between them. The second phase of the project utilizes the multi-layer map and develops methods to identify components that represent potential topological weaknesses, i.e., compromising a few such components would allow an attacker to disrupt, manipulate, or eavesdrop on a large fraction of Internet traffic of that country. The multi-layer view of the system will enable an assessment of weaknesses holistically as well as at specific layers, under various assumptions about the capabilities and knowledge of attackers. Geographic annotations will enable a consideration of risks related to the geographic distribution of critical components of the communication infrastructure.

黑客、恐怖分子或民族国家等恶意行为者可以针对互联网的结构性弱点，扰乱、拦截或操纵整个国家或地区的互联网流量。Internet拓扑中存在具有战略意义的物理位置。尽管最近有很多关于网络攻击载体和机制的兴趣和大量研究，但我们缺乏严格的工具来推理一个国家或地区的互联网拓扑是如何通过有针对性的攻击暴露其关键通信基础设施的。该项目开发了一些方法，以确定互联网基础设施的潜在拓扑弱点，特别是从攻击者的角度，并量化如果攻击者危害这些关键要素的潜在影响。该项目的更广泛影响是巨大的：了解国家或区域互联网拓扑结构中的弱点不仅对研究和业务界，而且对日常互联网用户和政策机构都具有重大意义。更广泛地说，它将确保我们日常活动所依赖的关键互联网基础设施的安全。这项计划分为两个阶段。在第一阶段，目标是确定国家和地区互联网拓扑的重要组件-代表互联网关键位置的自治系统、互联网交换点、主机代管设施和物理电缆系统。该项目将进行一项新颖的多层绘图工作，开发测量和分析技术，以发现这些组件及其之间的关系。该项目的第二阶段利用多层地图并开发方法来识别代表潜在拓扑弱点的组件，即，泄露少数此类组件将允许攻击者扰乱、操纵或窃听该国很大一部分互联网流量。该系统的多层观点将能够在关于攻击者的能力和知识的各种假设下，从整体上以及在特定的层面上评估弱点。地理注释将使人们能够考虑与通信基础设施关键部件的地理分布有关的风险。

项目成果

A multi-perspective view of Internet censorship in Myanmar

缅甸互联网审查制度的多视角

• DOI: 10.1145/3473604.3474562
• 发表时间: 2021
• 期刊: FOCI '21: Proceedings of the ACM SIGCOMM 2021 Workshop on Free and Open Communications on the Internet
• 作者: Padmanabhan, Ramakrishna;Filastò, Arturo;Xynou, Maria;Raman, Ram Sundara;Middleton, Kennedy;Zhang, Mingwei;Madory, Doug;Roberts, Molly;Dainotti, Alberto
• 通讯作者: Dainotti, Alberto

DynamIPs: analyzing address assignment practices in IPv4 and IPv6

• DOI: 10.1145/3386367.3431314
• 发表时间: 2020-11
• 期刊: Proceedings of the 16th International Conference on emerging Networking EXperiments and Technologies
• 作者: Ramakrishna Padmanabhan;John P. Rula;P. Richter;Stephen D. Strowes;A. Dainotti

AS-Path Prepending: there is no rose without a thorn

AS-Path Prepending：没有不带刺的玫瑰

• DOI: 10.1145/3419394.3423642
• 发表时间: 2020
• 期刊: IMC '20: Proceedings of the ACM Internet Measurement Conference
• 作者: Marcos, Pedro;Prehn, Lars;Leal, Lucas;Dainotti, Alberto;Feldmann, Anja;Barcellos, Marinho
• 通讯作者: Barcellos, Marinho

MAnycast2: Using Anycast to Measure Anycast

MAnycast2：使用 Anycast 来测量 Anycast

• DOI: 10.1145/3419394.3423646
• 发表时间: 2020
• 期刊: IMC '20: Proceedings of the ACM Internet Measurement Conference
• 作者: Sommese, Raffaele;Bertholdo, Leandro;Akiwate, Gautam;Jonker, Mattijs;van Rijswijk-Deij, Roland;Dainotti, Alberto;Claffy, KC;Sperotto, Anna
• 通讯作者: Sperotto, Anna

To Filter or Not to Filter: Measuring the Benefits of Registering in the RPKI Today

过滤或不过滤：衡量当今在 RPKI 中注册的好处

• DOI: 10.1007/978-3-030-44081-7_5
• 发表时间: 2020
• 期刊: Passive and Active Measurement Lecture Notes in Computer Science
• 作者: Testart, Cecilia;Richter, Philipp;King, Alistair;Dainotti, Alberto;Clark, David
• 通讯作者: Clark, David