impact of prefix hijacking on payments of providers pradeep bangera and sergey gorinsky institute...
TRANSCRIPT
Impact of Prefix Hijacking on Payments of Providers
Pradeep Bangera and Sergey Gorinsky
Institute IMDEA Networks, Madrid, Spain
Developing the Science of
Networks
COMSNETS 2011, 6 January 2011
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
2
Outline Background
Internet structure
IP and BGP
Prefix hijacking
Contribution Economic perspective on traffic attraction via prefix hijacking
Methodology Real AS-level topology data set
Internet-scale simulations in C-BGP
Results BGP connectivity, inter-AS link traffic, payments of providers
Conclusions
Internet Structure Internet entities
More than a billion users
Tens of thousands of Internet Service Providers (ISPs)
Own infrastructure organized as ASes (Autonomous Systems)
Form a hierarchy: local, regional, global ASes
Operate as commercial entities
Inter-AS relationships
Transit links
Result in payments from the customer to the provider
for the traffic exchanged in both directions
Peering links
Exchange traffic of own customers at reduced costs
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
3
Internet Protocol (IP) Forwarding
IP identifies destinations with 32-bit addresses
A prefix compactly represents a block of IP addresses
Forwarding table of a router maps prefixes to output links
A router uses the forwarding table to forward IP packets
Based on the longest-prefix match rule
e.g.,
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
4
Prefix output_link
192.168.128.0/26 e0
192.168.128.0/24 e1
Border Gateway Protocol (BGP) Routing
Constructs and maintain forwarding tables in routers
Relies on AS announcements of paths to prefixes
Does not have a mechanism for verifying
the validity of path announcements
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
5
Prefix Hijacking Refers to BGP announcements that attract traffic to different paths
e.g., by pretending to own a more specific prefix than the one
announced by the prefix owner
Has been studied from security perspectives prevention is difficult
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
6
208.65.153.0/24
Our Contribution
Economic perspective on prefix hijacking as
a mechanism for sustainable traffic attraction
that boosts ISP revenues
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
7
Methodology Internet-scale simulations in C-BGP
Before and after prefix hijacking
Real Internet data Real 2008 incident of YouTube prefix hijacking by
Pakistan Telecommunication Company Limited (PTCL)
Cooperative Association for Internet Data Analysis (CAIDA) data set
for the contemporary AS-level topology
Synthetic traffic Uniform YouTube-addressed video uploads from 27084 ASes
No other traffic for simulation scalability reasons
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
8
Microsoft Office PowerPoint 97-2003 Pres
Link Pricing and Provider Payments
Price pt for a transit link [Amogh et al.]: pt = mt (V 0.75)
V is the 95th percentile of the traffic volume in Kbps mt = 0.0675 is such that 1 Mbps is priced at $12
Price pe for a peering link [H. Chang et al.]: pe = me (V 0.4)
me = 0.0631 is such that 1 Mbps is priced at $1
Payment P of an AS: P = ∑t є R pt - ∑t є C pt - ∑e є E pe
Set R contains the transit links where the AS is a provider Set C contains the transit links where the AS is a customer Set E contains the peering links of the AS
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
9
Three Levels of Simulation Results
BGP path counts of transit ASes
Transit AS is an AS that serves a BGP path between other ASes
BGP path count of a transit AS is the number of BGP paths traversing the AS
Inter-AS link traffic
Provider payments
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
10
BGP Path Counts of Transit ASes
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
11
Distributions are similar but some ASes are significantly affected
Before prefix hijacking After prefix hijacking
2878 transit ASes: 64,213 BGP paths 2760 transit ASes: 68,962 BGP paths
9,733
5219
12,942
Losers and Winners of BGP Paths
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
12
9,728
12,723
Inter-AS Link Traffic
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
13
Before prefix hijacking After prefix hijacking
PTCL (AS 17557) successfully attracts YouTube (AS 36561) traffic from all the BGP-connected ASes
traffic to YouTube YouTube traffic hijacked by PTCL
YouTube (AS 36561)
PTCL (AS 17557)
Payments of Providers
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
14
Realistic traffic matrices and pricing functions are important
YouTubeTransitRail PTCL
Before prefix hijacking After prefix hijacking
Financial Losers and Gainers
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
15
Economic incentive
Low in absolute terms but relatively high, e.g., Verizon Business gains $476 which is 58% of the YouTube payments Higher if multiple prefixes are hijacked
Biggest financial winners and losers Top-tier provider-free ASes
$708
$476 $823
Viability of Traffic Attraction via Prefix Hijacking
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
16
Technical feasibility Detection is limited Prevention is very difficult especially if all the ISPs along the hijacked path are comfortable with the traffic attraction
Legal feasibility Global nature of Internet complicates the judicial process ISPs operate within different national boundaries
Business feasibility Reputation and negotiation power are important factors
Future Work
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
17
Realistic traffic matrices
Realistic link pricing functions
Traffic-interception scenarios where top-tier ISPs hijack traffic to deliver it to the destinations
Economic tussle as a dynamic game
Conclusions
Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
18
First economic perspective on prefix hijacking as a mechanism for sustainable traffic attraction that boosts ISP revenues
Internet-scale simulations in C-BGP using a real CAIDA data set
Quantitative impact of prefix hijacking on payments of providers
Technical, legal and business feasibility of traffic attraction via prefix hijacking
Top-tier provider-free ASes as the biggest financial beneficiaries and other directions for future work