Stable internet routing without global coordination
IEEE/ACM Transactions on Networking (TON)
Towards an accurate AS-level traceroute tool
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
iPlane: an information plane for distributed services
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Cyclops: the AS-level connectivity observatory
ACM SIGCOMM Computer Communication Review
Modeling on quicksand: dealing with the scarcity of ground truth in interdomain routing data
ACM SIGCOMM Computer Communication Review
Anatomy of a large european IXP
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Concurrent prefix hijacks: occurrence and impacts
Proceedings of the 2012 ACM conference on Internet measurement conference
On the incompleteness of the AS-level graph: a novel methodology for BGP route collector placement
Proceedings of the 2012 ACM conference on Internet measurement conference
Hi-index | 0.00 |
China Telecom's hijack of approximately 50,000 IP prefixes in April 2010 highlights the potential for traffic interception on the Internet. Indeed, the sensitive nature of the hijacked prefixes, including US government agencies, garnered a great deal of attention and highlights the importance of being able to characterize such incidents after they occur. We use the China Telecom incident as a case study, to understand (1) what can be learned about large-scale routing anomalies using public data sets, and (2) what types of data should be collected to diagnose routing anomalies in the future. We develop a methodology for inferring which prefixes may be impacted by traffic interception using only control-plane data and validate our technique using data-plane traces. The key findings of our study of the China Telecom incident are: (1) The geographic distribution of announced prefixes is similar to the global distribution with a tendency towards prefixes registered in the Asia-Pacific region, (2) there is little evidence for subprefix hijacking which supports the hypothesis that this incident was likely a leak of existing routes, and (3) by preferring customer routes, providers inadvertently enabled interception of their customer's traffic.