Presentation is loading. Please wait.

Presentation is loading. Please wait.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE 1 Internet Routing Anomaly Monitoring System Dongkee LEE.

Published byShauna Scott Modified over 8 years ago

Similar presentations

Presentation on theme: "ETRI meeting (Sep 14, 2004) -- Dongkee LEE 1 Internet Routing Anomaly Monitoring System Dongkee LEE."— Presentation transcript:

1 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr) 1 Internet Routing Anomaly Monitoring System Dongkee LEE

2 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)2Overview.  Internet Routing Anomaly Monitoring. (’04 8, 18 ~ )  Related works  System – the present position (’04 9, 14 - 16 )  Future works

3 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)3 IRAM – basic idea.  Internet Routing Anomaly Monitoring.

4 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)4 IRAM – goals.  Construct routes monitoring infrastructure.  Obtain real-time information about the global routing system.  Then, What can we do with this?  Survey on routing anomaly detection.  Other uses.  AS path visualization,  Map IP addresses to AS for topological studies.

5 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)5 Related works  University of Oregon – Route Views Project.  http://routeviews.org/ http://routeviews.org/  Routing information repository for …  Analysis of BGP routing table dynamics.  Work on routing table growth.  Analysis of geographic scope of routing announcements.

6 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)6 Related works  RIPE NCC – Routing Information Service.  http://www.ripe.net/ris/ http://www.ripe.net/ris/  Much more than a Looking glass.  Provide historical information about internet routing.  Collects information by using Remote Route Collectors at different locations around the world.  Integrate this information into a comprehensive view.

7 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)7 Related works  PacketDesign – Route Explorer  http://www.packetdesign.com/ http://www.packetdesign.com/  Extensive real-time and historical router event monitoring and analysis for troubleshooting networks using BGP connections.  Real-Time IP Network Visualization and Monitoring.  Detect, Analyze and Diagnose Layer 3 Problems.  User-Defined Alerts and Reports.  Scenario Planning and Impact Analysis.

8 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)8 Related works  PacketDesign – Route Explorer

9 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)9 Related works  PacketDesign -  http://www.packetdesign.com/flash/index.html http://www.packetdesign.com/flash/index.html

10 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)10 Related works  Jun Li, Routing forensics  Online BGP data analysis system that takes Route View data as the continuous input.  State machine - Detect suspicious routing information exchanged among BGP routers.

11 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)11 IRAM – On going works (1)  Design formal IRAM architecture.

12 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)12 IRAM – On going works (2)  EBGP peering with kaist-border router.

13 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)13 IRAM - On going works (3)  [~2004 09 15] Deploy bgpmon.kisti  More intelligent agent script for bgpmon. dump -> /yyyymm/UPDATES/, RIBS/ -> bzip archiving -> backup ?  Project web page.  http://an.kaist.ac.kr/~dklee/research/iram/ http://an.kaist.ac.kr/~dklee/research/iram/

14 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)14 IRAM - Future works.  Negotiate with other-net admins for EBGP peering.  What kind of views on data we need to provide?  It’s not a technical problem but a political problem!  Research on existing routing anomaly detection techniques.  Offline misconfigurations.  MOAS.  Cold potato.

15 ETRI meeting (Sep 14, 2004) -- Dongkee LEE (dklee@an.kaist.ac.kr)15  The END

Download ppt "ETRI meeting (Sep 14, 2004) -- Dongkee LEE 1 Internet Routing Anomaly Monitoring System Dongkee LEE."

Similar presentations

Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)

Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)
Multihoming and Multi-path Routing

Multihoming and Multi-path Routing
SIGCOMM2006/INM1 Policy-based BGP Control Architecture for Autonomous Routing Management Osamu Akashi *, Kensuke Fukuda, Toshio Hirotsu, Toshiharu Sugawara.

SIGCOMM2006/INM1 Policy-based BGP Control Architecture for Autonomous Routing Management Osamu Akashi *, Kensuke Fukuda, Toshio Hirotsu, Toshiharu Sugawara.
1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.

1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.
Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.

Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.
Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.

Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.
BGP in 2009 Geoff Huston APNIC May 2009. Conventional BGP Wisdom IAB Workshop on Inter-Domain routing in October 2006 – RFC 4984: “routing scalability.

BGP in 2009 Geoff Huston APNIC May Conventional BGP Wisdom IAB Workshop on Inter-Domain routing in October 2006 – RFC 4984: “routing scalability.
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
Traffic Engineering With Traditional IP Routing Protocols

Traffic Engineering With Traditional IP Routing Protocols
Analysis of BGP Routing Tables

Analysis of BGP Routing Tables
A Measurement Framework for Pin-Pointing Routing Changes Renata Teixeira (UC San Diego) with Jennifer Rexford (AT&T)

A Measurement Framework for Pin-Pointing Routing Changes Renata Teixeira (UC San Diego) with Jennifer Rexford (AT&T)
Delayed Internet Routing Convergence Craig Labovitz, Abha Ahuja, Abhijit Bose, Farham Jahanian Presented By Harpal Singh Bassali.

Delayed Internet Routing Convergence Craig Labovitz, Abha Ahuja, Abhijit Bose, Farham Jahanian Presented By Harpal Singh Bassali.
Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.

Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.
Wresting Control from BGP: Scalable Fine-grained Route Control UCSD / AT&T Research Usenix —June 22, 2007 Dan Pei, Tom Scholl, Aman Shaikh, Alex C. Snoeren,

Wresting Control from BGP: Scalable Fine-grained Route Control UCSD / AT&T Research Usenix —June 22, 2007 Dan Pei, Tom Scholl, Aman Shaikh, Alex C. Snoeren,
10/17/2002RAID 2002, Zurich1 ELISHA: A Visual-Based Anomaly Detection System Soon-Tee Teoh, Kwan-Liu Ma S. Felix Wu University of California, Davis Dan.

10/17/2002RAID 2002, Zurich1 ELISHA: A Visual-Based Anomaly Detection System Soon-Tee Teoh, Kwan-Liu Ma S. Felix Wu University of California, Davis Dan.
02/06/2006ecs236 winter 20061 Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.

02/06/2006ecs236 winter Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.
A a secure peering. RIB table dump by attributes in order to save space. References 1. RouteViews, 2. RIPE,

A a secure peering. RIB table dump by attributes in order to save space. References 1. RouteViews, 2. RIPE,
Graphs and Topology Yao Zhao. Background of Graph A graph is a pair G =(V,E) –Undirected graph and directed graph –Weighted graph and unweighted graph.

Graphs and Topology Yao Zhao. Background of Graph A graph is a pair G =(V,E) –Undirected graph and directed graph –Weighted graph and unweighted graph.
Winter Retreat - 2003 Connecting the Dots: Using Runtime Paths for Macro Analysis Mike Chen, Emre Kıcıman, Anthony Accardi, Armando Fox, Eric Brewer

Winter Retreat Connecting the Dots: Using Runtime Paths for Macro Analysis Mike Chen, Emre Kıcıman, Anthony Accardi, Armando Fox, Eric Brewer
A victim-centric peer-assisted framework for monitoring and troubleshooting routing problems.

A victim-centric peer-assisted framework for monitoring and troubleshooting routing problems.

Similar presentations

Ads by Google