ETRI meeting (Sep 14, 2004) -- Dongkee LEE 1 Internet Routing Anomaly Monitoring System Dongkee LEE.

Slides:

Advertisements

Similar presentations

Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)

Advertisements

Multihoming and Multi-path Routing

SIGCOMM2006/INM1 Policy-based BGP Control Architecture for Autonomous Routing Management Osamu Akashi ＊, Kensuke Fukuda, Toshio Hirotsu, Toshiharu Sugawara.

1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.

Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.

Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.

BGP in 2009 Geoff Huston APNIC May Conventional BGP Wisdom IAB Workshop on Inter-Domain routing in October 2006 – RFC 4984: “routing scalability.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

Traffic Engineering With Traditional IP Routing Protocols

Analysis of BGP Routing Tables

A Measurement Framework for Pin-Pointing Routing Changes Renata Teixeira (UC San Diego) with Jennifer Rexford (AT&T)

Delayed Internet Routing Convergence Craig Labovitz, Abha Ahuja, Abhijit Bose, Farham Jahanian Presented By Harpal Singh Bassali.

Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.

Wresting Control from BGP: Scalable Fine-grained Route Control UCSD / AT&T Research Usenix —June 22, 2007 Dan Pei, Tom Scholl, Aman Shaikh, Alex C. Snoeren,

10/17/2002RAID 2002, Zurich1 ELISHA: A Visual-Based Anomaly Detection System Soon-Tee Teoh, Kwan-Liu Ma S. Felix Wu University of California, Davis Dan.

02/06/2006ecs236 winter Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.

A a secure peering. RIB table dump by attributes in order to save space. References 1. RouteViews, 2. RIPE,

Graphs and Topology Yao Zhao. Background of Graph A graph is a pair G =(V,E) –Undirected graph and directed graph –Weighted graph and unweighted graph.

Winter Retreat Connecting the Dots: Using Runtime Paths for Macro Analysis Mike Chen, Emre Kıcıman, Anthony Accardi, Armando Fox, Eric Brewer

A victim-centric peer-assisted framework for monitoring and troubleshooting routing problems.

Web 3.0 or The Semantic Web By: Konrad Sit CCT355 November 21 st 2011.

OSPF To route, a router needs to do the following: Know the destination address Identify the sources it can learn from Discover possible.

“Harnessing the Intelligence of IP”

Routing Measurements Matt Zekauskas, ITF Meeting 2006-Apr-24.

1 Integrating a Network IDS into an Open Source Cloud Computing Environment 1st International Workshop on Security and Performance in Emerging Distributed.

A LIGHT-WEIGHT DISTRIBUTED SCHEME FOR DETECTING IP PREFIX HIJACKS IN REAL TIME Changxi Zheng, Lusheng Ji, Dan Pei, Jia Wang and Paul Francis. Cornell University,

A Vehicular Ad Hoc Networks Intrusion Detection System Based on BUSNet.

Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.

Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain Developing the Science.

Research on design and implementation of Internet measurement infrastructure Lv Jun Aug 28, 2003.

Real-Time BGP Data Access 1 Mikhail Strizhov Colorado State University.

Dongkee LEE 1 BorderGuard: Detecting Cold Potatoes from Peers Nick Feamster, et al.

Architecting the Network Part 3 Geoff Huston Chief Scientist, Internet Telstra ISOC Workshop.

Module 4: Planning, Optimizing, and Troubleshooting DHCP

Current Practice for Network Analysis in CSTNet Chunjing Han CSTNET, CNIC

Issues with Inferring Internet Topological Attributes Lisa Amini ab, Anees Shaikh a, Henning Schulzrinne b a IBM T.J. Watson Research Center b Columbia.

ETRI meeting (Feb 16, 2005) -- Dongkee LEE 1 Sapphire/Slammer worm impact on Internet routing Dongkee LEE.

1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.

Integration of 6LoWPAN into IP networks draft-cansever-6lowpan-integration-00.txt Derya Cansever Geoff Mulligan Carl Williams.

BCNET Conference April 29, 2009 Andree Toonk BGPmon.net Prefix hijacking! Do you know who's routing your network? Andree Toonk

Use cases Navigation Problem notification Problem analysis.

More on Internet Routing A large portion of this lecture material comes from BGP tutorial given by Philip Smith from Cisco (ftp://ftp- eng.cisco.com/pfs/seminars/APRICOT2004.

A Light-Weight Distributed Scheme for Detecting IP Prefix Hijacks in Real-Time Lusheng Ji†, Joint work with Changxi Zheng‡, Dan Pei†, Jia Wang†, Paul Francis‡

Introduction & Vision. Introduction MANTICORE provides a software implementation and tools for providing and managing routers and IP networks as services.

L. Apricot 2001 Kuala Lumpur. 1 Routing Information Service (RIS) Antony Antony, Thomas Franchetti, Henk Uijterwaal, Daniel Karrenberg.

1 Mean Time to Innocence Your Dashboards are Green – but your end users are still complaining. Now What? Phil Stanhope October 2015.

Yaping Zhu with: Jennifer Rexford (Princeton University) Aman Shaikh and Subhabrata Sen (ATT Research) Route Oracle: Where Have.

Confidential Rapid Troubleshooting for Data, VoIP, and Video VoIP Performance Manager.

Resolve today’s IT management dilemma Enable generalist operators to localize user perceptible connectivity problems Raise alerts prioritized by the amount.

Internet Traffic Engineering Motivation: –The Fish problem, congested links. –Two properties of IP routing Destination based Local optimization TE: optimizing.

Constructing Inter-Domain Packet Filters to Control IP Spoofing Based on BGP Updates Zhenhai Duan, Xin Yuan Department of Computer Science Florida State.

TiPS Inc. (512) ext. 115 (800) ext LogMate: Effective Alarm Management With Architectural Flexibility.

Atrium Router Project Proposal Subhas Mondal, Manoj Nair, Subhash Singh.

1 On the Impact of Route Monitor Selection Ying Zhang* Zheng Zhang # Z. Morley Mao* Y. Charlie Hu # Bruce M. Maggs ^ University of Michigan* Purdue University.

CompTIA Security+ Study Guide (SY0-401)

Pertemuan 19 Introduction to TCP/IP

Architecting the Network Part 3

The NPD Group - Enterprise DC Agenda

Instantiation of the Concept in GAMMA Prototypes

CompTIA Security+ Study Guide (SY0-401)

Lixin Gao ECE Dept. UMASS, Amherst

Streaming Network Analytics System

Module Summary BGP is a path-vector routing protocol that allows routing policy decisions at the AS level to be enforced. BGP is a policy-based routing.

BGP Overview BGP concepts and operation.

OSPF and BGP State Migration for Resource-portable IP router

© 2006 ITT Educational Services Inc.

The real-time Internet routing observatory

Scrumium NetBrain Thursday, May 09, 2019.

Multicasting Unicast.

Architectural Implications of the “FixIt” KP Application

Presentation transcript:

ETRI meeting (Sep 14, 2004) -- Dongkee LEE 1 Internet Routing Anomaly Monitoring System Dongkee LEE

ETRI meeting (Sep 14, 2004) -- Dongkee LEE  Internet Routing Anomaly Monitoring. (’04 8, 18 ~ )  Related works  System – the present position (’04 9, )  Future works

ETRI meeting (Sep 14, 2004) -- Dongkee LEE IRAM – basic idea.  Internet Routing Anomaly Monitoring.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE IRAM – goals.  Construct routes monitoring infrastructure.  Obtain real-time information about the global routing system.  Then, What can we do with this?  Survey on routing anomaly detection.  Other uses.  AS path visualization,  Map IP addresses to AS for topological studies.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE Related works  University of Oregon – Route Views Project.   Routing information repository for …  Analysis of BGP routing table dynamics.  Work on routing table growth.  Analysis of geographic scope of routing announcements.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE Related works  RIPE NCC – Routing Information Service.   Much more than a Looking glass.  Provide historical information about internet routing.  Collects information by using Remote Route Collectors at different locations around the world.  Integrate this information into a comprehensive view.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE Related works  PacketDesign – Route Explorer   Extensive real-time and historical router event monitoring and analysis for troubleshooting networks using BGP connections.  Real-Time IP Network Visualization and Monitoring.  Detect, Analyze and Diagnose Layer 3 Problems.  User-Defined Alerts and Reports.  Scenario Planning and Impact Analysis.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE Related works  PacketDesign – Route Explorer

ETRI meeting (Sep 14, 2004) -- Dongkee LEE Related works  PacketDesign - 

ETRI meeting (Sep 14, 2004) -- Dongkee LEE Related works  Jun Li, Routing forensics  Online BGP data analysis system that takes Route View data as the continuous input.  State machine - Detect suspicious routing information exchanged among BGP routers.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE IRAM – On going works (1)  Design formal IRAM architecture.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE IRAM – On going works (2)  EBGP peering with kaist-border router.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE IRAM - On going works (3)  [~ ] Deploy bgpmon.kisti  More intelligent agent script for bgpmon. dump -> /yyyymm/UPDATES/, RIBS/ -> bzip archiving -> backup ?  Project web page. 

ETRI meeting (Sep 14, 2004) -- Dongkee LEE IRAM - Future works.  Negotiate with other-net admins for EBGP peering.  What kind of views on data we need to provide?  It’s not a technical problem but a political problem!  Research on existing routing anomaly detection techniques.  Offline misconfigurations.  MOAS.  Cold potato.

ETRI meeting (Sep 14, 2004) -- Dongkee LEE  The END