Filtering the Noise to Reveal Inter-Domain Lies


On the Internet, routers of Autonomous Systems (ASes) have to determine their preferred inter-domain route, i.e. control path (CP), for each IP prefix. The traffic is then forwarded AS after AS, following a data path (DP) that should match the CP for the same prefix. The underlying implicit trust that ASes advertise the paths they use for packet forwarding may be misplaced. Network operators may tweak CPs and DPs to carry out inter-domain lies that are visible when the two paths differ. Lies can be either unintended, due to misconfigurations or technical limitations, or deliberate, e.g. for economical gain. While lies globally mitigate the ability to troubleshoot and understand the root cause of connectivity issues, detecting them is not a trivial task as the ground data is noisy.In this paper, we propose a modular framework to measure and correctly quantify the discrepancies between CPs and DPs. We define several rules to overcome specific sources of noise inducing mismatches (MMs), e.g., incomplete traces, sibling ASes, IXPs or third-party addresses in general. We leverage the Peering testbed to conduct a measurement campaign at a scale never achieved before, and conclude that, while the upper bound of lies is significant, the lower bound is not negligible. This suggests that the noise interfering with collected traces is not the sole culprit for the MMs between CPs and DPs.

Network Traffic Measurement and Analysis Conference, TMA 2019
Cristel Pelsser
Cristel Pelsser
Critical embedded systems, Computer networking, Researcher, Professor

The focus of my research is on network operations, routing, Internet measurements, protocols and security.