Sciweavers

MINENET
2006
ACM

Forensic analysis of autonomous system reachability

14 years 6 months ago
Forensic analysis of autonomous system reachability
Security incidents have an adverse impact not only on end systems, but also on Internet routing, resulting in many out-of-reach prefixes. Previous work has looked at performance degradation in the data plane in terms of delay and loss. Also it has been reported that the number of routing updates increased significantly, which could be a reflection of increased routing instability in the control domain. In this paper, we perform a detailed forensic analysis of routing instability during known security incidents and present useful metrics in assessing damage in AS reachability. Any change in AS reachability is a direct indication of whether the AS had fallen victim to the security incident or not. We choose the Slammer worm attack in January, 2003, as a security incident for closer examination. For our forensic analysis, we use BGP routing data from RouteViews and RIPE. As a way to quantify AS reachability, we propose the following metrics: the prefix count and the address count. Th...
D. K. Lee, Sue B. Moon, Taesang Choi, Taesoo Jeong
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where MINENET
Authors D. K. Lee, Sue B. Moon, Taesang Choi, Taesoo Jeong
Comments (0)