在detlab中模拟internet拓扑快照

Proceedings of the third ACM conference on Data and application security and privacy Pub Date : 2013-02-18 DOI:10.1145/2435349.2435371

Graciela Perera, Nathan Miller, J. Mela, M. Mcgarry, Jaime C. Acosta

{"title":"在detlab中模拟internet拓扑快照","authors":"Graciela Perera, Nathan Miller, J. Mela, M. Mcgarry, Jaime C. Acosta","doi":"10.1145/2435349.2435371","DOIUrl":null,"url":null,"abstract":"Investigating the Internet's topology is one component towards developing mechanisms that can protect the communication infrastructure underlying our critical systems and applications. We study the feasibility of capturing and fitting Internet's topology snapshots to an emulated environment called Deterlab. Physical limitations on Deterlab include the number of nodes available (i.e., about 400) and the number of interfaces (i.e., 4) to interconnect them. For example, one Internet's topology snapshot at the Autonomous Systems (AS) level has about 100 nodes with 5 nodes requiring more than 4 interfaces. In this paper, we present a short summary of the Internet's topology snapshots collected and propose a solution on how we can represent the snapshots in Deterlab and overcome the limitation of nodes requiring more than four interfaces. Preliminary results show that all paths from snapshots are maintained if a node requiring more than four interfaces had no more than four other nodes requiring four interfaces. Also, we constructed a proof of concept that captures the main idea of using then snapshots in a security experiment in Deterlab. The topology shows a Multiple Origin Autonomous System (MOAS) conflict for 10 nodes. It is scalable to larger topologies in Deterlab because we have automated the topology creation and protocol configuration.","PeriodicalId":118139,"journal":{"name":"Proceedings of the third ACM conference on Data and application security and privacy","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2013-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Emulating internet topology snapshots in deterlab\",\"authors\":\"Graciela Perera, Nathan Miller, J. Mela, M. Mcgarry, Jaime C. Acosta\",\"doi\":\"10.1145/2435349.2435371\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Investigating the Internet's topology is one component towards developing mechanisms that can protect the communication infrastructure underlying our critical systems and applications. We study the feasibility of capturing and fitting Internet's topology snapshots to an emulated environment called Deterlab. Physical limitations on Deterlab include the number of nodes available (i.e., about 400) and the number of interfaces (i.e., 4) to interconnect them. For example, one Internet's topology snapshot at the Autonomous Systems (AS) level has about 100 nodes with 5 nodes requiring more than 4 interfaces. In this paper, we present a short summary of the Internet's topology snapshots collected and propose a solution on how we can represent the snapshots in Deterlab and overcome the limitation of nodes requiring more than four interfaces. Preliminary results show that all paths from snapshots are maintained if a node requiring more than four interfaces had no more than four other nodes requiring four interfaces. Also, we constructed a proof of concept that captures the main idea of using then snapshots in a security experiment in Deterlab. The topology shows a Multiple Origin Autonomous System (MOAS) conflict for 10 nodes. It is scalable to larger topologies in Deterlab because we have automated the topology creation and protocol configuration.\",\"PeriodicalId\":118139,\"journal\":{\"name\":\"Proceedings of the third ACM conference on Data and application security and privacy\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-02-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the third ACM conference on Data and application security and privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2435349.2435371\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the third ACM conference on Data and application security and privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2435349.2435371","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

研究Internet的拓扑结构是开发能够保护关键系统和应用程序底层通信基础设施的机制的一个组成部分。我们研究了捕获和拟合互联网拓扑快照到一个称为detlab的仿真环境的可行性。对Deterlab的物理限制包括可用节点的数量(例如，大约400个)和连接它们的接口数量(例如，4个)。例如，自治系统(AS)级别的一个Internet拓扑快照大约有100个节点，其中5个节点需要4个以上的接口。在本文中，我们简要总结了收集到的Internet拓扑快照，并就如何在Deterlab中表示快照和克服节点需要四个以上接口的限制提出了一个解决方案。初步结果表明，如果需要4个以上接口的节点有不超过4个其他需要4个接口的节点，则维护快照中的所有路径。此外，我们还构建了一个概念证明，该概念证明了在detlab的安全实验中使用快照的主要思想。拓扑显示了10个节点的MOAS (Multiple Origin Autonomous System)冲突。在detlab中，它可以扩展到更大的拓扑，因为我们已经自动化了拓扑创建和协议配置。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Emulating internet topology snapshots in deterlab

Investigating the Internet's topology is one component towards developing mechanisms that can protect the communication infrastructure underlying our critical systems and applications. We study the feasibility of capturing and fitting Internet's topology snapshots to an emulated environment called Deterlab. Physical limitations on Deterlab include the number of nodes available (i.e., about 400) and the number of interfaces (i.e., 4) to interconnect them. For example, one Internet's topology snapshot at the Autonomous Systems (AS) level has about 100 nodes with 5 nodes requiring more than 4 interfaces. In this paper, we present a short summary of the Internet's topology snapshots collected and propose a solution on how we can represent the snapshots in Deterlab and overcome the limitation of nodes requiring more than four interfaces. Preliminary results show that all paths from snapshots are maintained if a node requiring more than four interfaces had no more than four other nodes requiring four interfaces. Also, we constructed a proof of concept that captures the main idea of using then snapshots in a security experiment in Deterlab. The topology shows a Multiple Origin Autonomous System (MOAS) conflict for 10 nodes. It is scalable to larger topologies in Deterlab because we have automated the topology creation and protocol configuration.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the third ACM conference on Data and application security and privacy

自引率

0.00%

发文量