190 likes | 344 Views
Developing the Science of Networks. Impact of Prefix Hijacking on Payments of Providers. Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain. COMSNETS 2011, 6 January 2011. Outline. Background Internet structure IP and BGP Prefix hijacking Contribution
E N D
Developing the Science of Networks Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain COMSNETS 2011, 6 January 2011
Outline • Background • Internet structure • IP and BGP • Prefix hijacking • Contribution • Economic perspective on traffic attraction via prefix hijacking • Methodology • Real AS-level topology data set • Internet-scale simulations in C-BGP • Results • BGP connectivity, inter-AS link traffic, payments of providers • Conclusions Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Internet Structure • Internet entities • More than a billion users • Tens of thousands of Internet Service Providers (ISPs) • Own infrastructure organized as ASes (Autonomous Systems) • Form a hierarchy: local, regional, global ASes • Operate as commercial entities • Inter-AS relationships • Transit links • Result in payments from the customer to the provider for the traffic exchanged in both directions • Peering links • Exchange traffic of own customers at reduced costs Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Internet Protocol (IP) Forwarding • IP identifies destinations with 32-bit addresses • A prefix compactly represents a block of IP addresses • Forwarding table of a router maps prefixes to output links • A router uses the forwarding table to forward IP packets • Based on the longest-prefix match rule • e.g., Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Border Gateway Protocol (BGP) Routing • Constructs and maintain forwarding tables in routers • Relies on AS announcements of paths to prefixes • Does not have a mechanism for verifying the validity of path announcements Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Prefix Hijacking • Refers to BGP announcements that attract traffic to different paths • e.g., by pretending to own a more specific prefix than the one announced by the prefix owner • Has been studied from security perspectives • prevention is difficult Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Our Contribution Economic perspective on prefix hijacking as a mechanism for sustainable traffic attraction that boosts ISP revenues Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Methodology • Internet-scale simulations in C-BGP • Before and after prefix hijacking • Real Internet data • Real 2008 incident of YouTube prefix hijacking by Pakistan Telecommunication Company Limited (PTCL) • Cooperative Association for Internet Data Analysis (CAIDA) data set for the contemporary AS-level topology • Synthetic traffic • Uniform YouTube-addressed video uploads from 27084 ASes • No other traffic for simulation scalability reasons Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Link Pricing and Provider Payments • Price pt for a transit link [Amogh et al.]: pt = mt (V 0.75) • V is the 95th percentile of the traffic volume in Kbps • mt= 0.0675 is such that 1 Mbps is priced at $12 • Price pe for a peering link [H. Chang et al.]: pe = me (V 0.4) • me = 0.0631 is such that 1 Mbpsis priced at $1 • Payment P of an AS: P = ∑t є R pt - ∑t є C pt - ∑e є E pe • Set R contains the transit links where the AS is a provider • Set C contains the transit links where the AS is a customer • Set E contains the peering links of the AS Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Three Levels of Simulation Results • BGP path counts of transit ASes • Transit AS is an AS that serves a BGP path between other ASes • BGP path count of a transit AS is the number of BGP paths traversing the AS • Inter-AS link traffic • Provider payments Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
BGP Path Counts of Transit ASes 2878 transit ASes: 64,213 BGP paths 2760 transit ASes: 68,962 BGP paths Distributions are similar but some ASes are significantly affected 12,942 9,733 219 5 Before prefix hijacking After prefix hijacking Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Losers and Winners of BGP Paths 9,728 12,723 Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Inter-AS Link Traffic YouTube traffic hijacked by PTCL traffic to YouTube YouTube (AS 36561) PTCL (AS 17557) Before prefix hijacking After prefix hijacking PTCL (AS 17557) successfully attracts YouTube (AS 36561) traffic from all the BGP-connected ASes Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Payments of Providers TransitRail YouTube PTCL Before prefix hijacking After prefix hijacking Realistic traffic matrices and pricing functions are important Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Financial Losers and Gainers $708 $476 $823 • Economic incentive • Low in absolute terms but relatively high, e.g., Verizon Business gains $476 • which is 58% of the YouTube payments • Higher if multiple prefixes are hijacked • Biggest financial winners and losers • Top-tier provider-free ASes Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Viability of Traffic Attraction via Prefix Hijacking • Technical feasibility • Detection is limited • Prevention is very difficult especially if all the ISPs along the hijacked path are comfortable with the traffic attraction • Legal feasibility • Global nature of Internet complicates the judicial process • ISPs operate within different national boundaries • Business feasibility • Reputation and negotiation power are important factors Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Future Work • Realistic traffic matrices • Realistic link pricing functions • Traffic-interception scenarios where top-tier ISPs hijack traffic to deliver it to the destinations • Economic tussle as a dynamic game Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Conclusions • First economic perspective on prefix hijacking as a mechanism for • sustainable traffic attraction that boosts ISP revenues • Internet-scale simulations in C-BGP using a real CAIDA data set • Quantitative impact of prefix hijacking on payments of providers • Technical, legal and business feasibility of traffic attraction via • prefix hijacking • Top-tier provider-free ASes as the biggest financial beneficiaries • and other directions for future work Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"
Thank you Pradeep Bangera and Sergey Gorinsky, "Impact of Prefix Hijacking on Payments of Providers"