We are currently observing a significant increase in the popularity of Unmanned Aerial Vehicles (UAVs), popularly also known by their generic term drones. This is not only case for recreational UAVs, that one can acquire few hundred dollars, but more sophisticated ones, namely professional whereby cost reach several thousands dollars. These UAVs to be largely employed sensitive missions such as monitoring critical infrastructures and operations police force. Given these applications,...

ABSTRACT The Border Gateway Protocol (BGP) is known to have serious security vulnerabilities. One of these vulnerabilities BGP route leaks. A leak describes the propagation announcements beyond their intended scope, violating Gao‐Rexford model. Route leaks may lead traffic misdirection, causing performance issues and potential risks, often due mistakes misconfiguration. Several solutions been published are currently greatly discussed within Internet Engineering Task Force (IETF) but yet be...

Nearly all scenarios in the networking domain require reliable radio communication. However, for some use-cases such as military operations or disaster recovery realm of catastrophic events it is even more crucial successful completion. In practice, MANETs are commonly used these they expose features that suit well civil requirements very well, e.g. strict QoS limitations and specific data type support. Since new applications not only transmission static content, but instead continuous...

The adoption of the Resource Public Key Infrastructure (RPKI) is increasing. To better understand and improve RPKI deployment, measuring route origin authorization (ROA) objects, validation (ROV), resilience essential. In this paper, we survey RPKI-related research that aims to deployment. Additionally, enrich our with many industry IETF-related contributions. Our work provides an in-depth analysis ideas challenges discussed in studies ecosystem includes lessons from mistakes made past,...

BGP has been known to be vulnerable hijacking and path manipulation attacks for many years. Several solutions have proposed secure either the origin, path, or both. A issue new ideas is their evaluation. Simulation environments are easy use but can only mimic real-world deployments a certain extent. In this work, we propose BGPEval. framework that capable of creating large-scale testbeds based on KVM hypervisor Docker container technology mimics interconnection ASes according provided AS...

In this paper, we argue that the design of a responsible Internet requires clear understanding current state deployment. This work sheds light on default routing in Internet, strategy reduces control but may help to increase availability when forwarding packets. We revisit and extend two common methodologies based active measurements coverage accuracy. Our results show larger differences between methodologies. confirm route deployment strongly correlates with customer cone size autonomous...

Moving Target Defense (MTD) represents a way of defending networked systems on different levels. It mainly focuses shifting the surfaces protected environment. Existing approaches studied network-level are Port Hopping (PH), which shifts ports, and Network Address Shuffling (NAS), steadily alters network addresses hosts. As result, formerly static attack surface now behaves dynamically whilst relationship ports to services hosts can be changed. Most MTD have only been evaluated theoretically...

In this work we compare seven currently available Resource Public Key Infrastructure (RPKI) validators regarding their ease of installation, performance, consistency in results, code quality, applicability, and feature-richness. We weigh the different characteristics rank each validator based on scores it received during our tests. find Routinator to perform best recommend using RPKI a production environment. Additionally, uncover inconsistencies validation results between investigate...

BGP is known to be inherently insecure. Many solutions have been proposed, with the RPKI becoming operational in 2011. The only provides origin validation. This leaves path manipulation attacks and route leaks unsolved. In this demo session, we present our integration of two plausibility algorithms, namely ASPA AS-Cones, into GoBGP routing daemon. We advantages drawbacks both approaches extend NIST BGP-SRx software suite first implementation AS-Cones.

The deployment of the Resource Public Key Infrastructure (RPKI) is currently gaining traction within operator community and so are measurement methodologies trying to measure current status. These methodologies, which attempting infer Autonomous Systems (ASs) performing Route Origin Validation (ROV), applied onto real world data but validation results usually hard as no ground-truth dataset exists. We propose build such a with help Mininet in way that ROV can be evaluated testbed filtering...

The demand on faster wireless data rates for mobile devices is a known issue since multimedia traffic has been the rise. This affects Multi-hop D2D communications as well MANETs architectures, especially time critical transmissions such video calls. On other hand, QoS in combination with have extensively studied last decades. Hence, It that these networks difficulties delivering high because there no central instance place. Even by introducing controller, it brings up question how to keep...

Dealing with video streams, transmitting various pictures or even exchanging files a mobile device is common practice in today's world. Such services produce large amount of data which has to be transferred over network. For the current Internet infrastructure, these amounts do not pose problem. MANETs contrast struggle high network load due their specific features, namely mobility and decentralized infrastructure. However, some use cases those features are advantageous for civil as well...

TCP/IP has been around for decades and even though it is a connection-oriented protocol, an important number of connections get interrupted or lost compromising the information transferred. We propose approach to measure quality connection by using finite-state machines (FSMs) based on protocol definition. Our method can parse any traffic-dump file report success ratio both client server comparing packets sent received with transitions defined FSM. This implementation have multiple...