Adversarial Degradation of the Availability of Routing Infrastructures and Other Internet-Scale Distributed Systems

Schuchard, Max
2016-06

View/Download File

Schuchard_umn_0130E_17232.pdf (3.46 MB)

Persistent link to this item

http://hdl.handle.net/11299/182196
Statistics
View Statistics

Journal Title

Journal ISSN

Volume Title

Title

Adversarial Degradation of the Availability of Routing Infrastructures and Other Internet-Scale Distributed Systems

Authors

Published Date

2016-06

Publisher

Type

Thesis or Dissertation

Abstract

The Internet relies on its routing infrastructure, a globally spanning distributed system of special purpose computers call routers, to deliver packets between hosts. In order to build the paths data will travel, routers execute a routing protocol called the Border Gateway Protocol, or BGP. BGP is built to be decentralized and highly accommodating to arbitrary preferences of the organizations that own routers. This dissertation focuses on examining the following thesis statement. The current state of BGP, coupled with the Internet's extreme level of topological complexity, allows adversaries who can interact with BGP routers to degrade the availability properties of both the entire Internet routing infrastructure and other Internet-scale distributed systems. The research in this work breaks down into two independent arcs. The first arc focuses on attacks which aim to disrupt the availability of large portions on the Internet's routing infrastructure. Through both simulation and experimentation with representative devices, this work demonstrates that a variety of adversaries can prevent large portions of the Internet from being able to correctly build paths to end destinations. The second arc focuses on how those who control routers, and therefore can decide how the routers will select paths, can attack the availability of distributed systems which closely interact with the transit infrastructure of the Internet. Specifically the work shows how, by altering the BGP decision making process slightly, a variety of systems, ranging from censorship circumvention tools to surveillance systems, can be defeated by such an adversary without loss of general connectivity.

Keywords

Description

University of Minnesota Ph.D. dissertation.June 2016. Major: Computer Science. Advisor: Nicholas Hopper. 1 computer file (PDF); xiv, 145 pages.

Related to

Replaces

License

Collections

Dissertations

Series/Report Number

Funding information

Isbn identifier

Doi identifier

Previously Published Citation

Suggested citation

Content distributed via the University Digital Conservancy may be subject to additional license and use restrictions applied by the depositor. By using these files, users agree to the Terms of Use. Materials in the UDC may contain content that is disturbing and/or harmful. For more information, please see our statement on harmful content in digital repositories.