In the first months of 2011, Internet communications were disrupted in several North African countries response to civilian protests and threats civil war. this paper we analyze episodes these disruptions two countries: Egypt Libya. Our analysis relies on multiple sources large-scale data already available academic researchers: BGP interdomain routing control plane data; unsolicited traffic unassigned address space; active macroscopic traceroute measurements; RIR delegation files; MaxMind's...

Peering infrastructures, namely, colocation facilities and Internet exchange points, are located in every major city, have hundreds of network members, support thousands interconnections around the globe. These infrastructures well provisioned managed, but outages to be expected, e.g., due power failures, human errors, attacks, natural disasters. However, little is known about frequency impact at these critical with high peering concentration.

Despite its critical role in Internet connectivity, the Border Gateway Protocol (BGP) remains highly vulnerable to attacks such as prefix hijacking, where an Autonomous System (AS) announces routes for IP space it does not control. To address this issue, Resource Public Key Infrastructure (RPKI) was developed starting 2008, with deployment beginning 2011. This paper performs first comprehensive, longitudinal study of deployment, coverage, and quality RPKI.

Applications often use IP addresses as end host identifiers based on the assumption that do not change frequently, even when dynamically assigned. The validity of this depends upon duration time an address continues to be assigned same host, and in turn, various causes can induce currently change. In work, we identify different lead analyze their effect ISPs around world using data gathered from 3,038 RIPE Atlas probes hosted across 929 ASes 156 countries all 12 months 2015. Our observations...

Understanding data plane health is essential to improving Internet reliability and usability. For instance, detecting disruptions in distant networks can identify repairable connectivity problems. Currently this task difficult time consuming as operators have poor visibility beyond their network's border. In paper we leverage the diversity of RIPE Atlas traceroute measurements solve classic problem monitoring in-network delays get credible delay change estimations monitor network conditions...

The Resource Public Key Infrastructure (RPKI) is a system to add security the Internet routing. In recent years, publication of Route Origin Authorization (ROA) objects, which bind IP prefixes their legitimate origin ASN, has been rapidly increasing. However, ROAs are effective only if routers use them verify and filter invalid BGP announcements, process called Validation (ROV).

Unsolicited one-way Internet traffic, also called background radiation (IBR), has been used for years to study malicious activity on the Internet, including worms, DoS attacks, and scanning address space looking vulnerabilities exploit. We show how such traffic can be analyze macroscopic events that are unrelated malware. examine two phenomena: country-level censorship of communications described in recent work, natural disasters (two earthquakes). introduce a new metric local IBR based...

In the first months of 2011, Internet communications were disrupted in several North African countries response to civilian protests and threats civil war. this paper, we analyze episodes these disruptions two countries: Egypt Libya. Our analysis relies on multiple sources large-scale data already available academic researchers: BGP interdomain routing control plane data, unsolicited traffic unassigned address space, active macroscopic traceroute measurements, RIR delegation files, MaxMind's...

Network operators and researchers frequently use Internet measurement platforms (IMPs), such as RIPE Atlas, RIS, or RouteViews for, e.g., monitoring network performance, detecting routing events, topology discovery, route optimization. To interpret the results of their measurements avoid pitfalls wrong generalizations, users must understand a platform's limitations. this end, paper studies an important limitation IMPs, bias, which exists due to non-uniform deployment vantage points....

Outage detection has been studied from different angles, such as active probing, analysis of background radiations, or control plane information. We approach outage a new perspective. Disco is technique that uses existing long-running TCP connections to identify bursts disconnections. The benefits are considerable we can monitor, without adding single packet the traffic, Internet-wide swaths infrastructure were not monitored previously because they are, for example, responsive ICMP probes...

Internet Background Radiation (IBR) is unsolicited network traffic mostly generated by malicious software, e.g., worms, scans. In previous work, we extracted a signal from IBR arriving at large (/8) segment of unassigned IPv4 address space to identify large-scale disruptions connectivity an Autonomous System (AS) granularity, and used our technique study episodes government censorship natural disasters [1]. Here explore other IBR-derived metrics that may provide insights into the causes...

Round-Trip Times are one of the most commonly collected performance metrics in computer networks. Measurement platforms such as RIPE Atlas provide researchers and network operators with an unprecedented amount historical Internet delay measurements. It would be very useful to process these measurements automatically (statistical characterization path performance, change detection, recognition recurring patterns, etc.). Humans quite good at finding patterns measurements, but it can difficult...

poster Free Access Share on AS Hegemony: A Robust Metric for Centrality Authors: Romain Fontugne IIJ Research Lab LabView Profile , Anant Shah Colorado State University UniversityView Emile Aben RIPE NCC NCCView Authors Info & Claims SIGCOMM Posters and Demos '17: Proceedings of the DemosAugust 2017 Pages 48–50https://doi.org/10.1145/3123878.3131982Published:22 August 2017Publication History 4citation288DownloadsMetricsTotal Citations4Total Downloads288Last 12 Months70Last 6 weeks7 Get...

Internet Background Radiation (IBR) is unsolicited network traffic mostly generated by malicious software, e.g., worms, scans. In previous work, we extracted a signal from IBR arriving at large (/8) segment of unassigned IPv4 address space to identify large-scale disruptions connectivity an Autonomous System (AS) granularity, and used our technique study episodes government censorship natural disasters [1]. Here explore other IBR-derived metrics that may provide insights into the causes...

No abstract available.

It is a challenge to select the most appropriate vantage points in measurement platform with wide selection. RIPE Atlas [2], for example currently has over 9600 active points, selections based on AS, country, etc. A user limited how many they can use measurement. This not only due limitations imposes, but data from large number of would produce volume analyse and store. So it makes sense optimize minimal set maximum chance observing phenomenon which interested.

Characterizing the interconnectivity of networks at a country level is an interesting but non-trivial task. The IXP Country Jedi existing prototype that uses RIPE Atlas probes in order to explore level, taking into account all Autonomous Systems (AS) where are deployed. In this work, we build upon basis and specifically focus on "eyeball" networks, i.e. user-facing with largest user populations any given country, what extent can provide insights their interconnectivity. particular, focused...