BGP Hijack detection via Latency measurement

Encadrants : 

Occurrences : 

2016

Nombre d'étudiants minimum: 

2

Nombre d'étudiants maximum: 

4

Nombre d'instances : 

2

Domaines: 

Few years ago, a seminal work presented at NANOG'59 focused on studying ​who are the anycasters, employing a technique based on latency measurement. Last year, we presented our study on ​ where they are located. This work is the results of our recent research, that proposes a technique to geolocate instances of anycast deployment using RIPE Atlas and PlanetLab measurement. This technique is lightweight, uses latency measurement, and is able to accurately geolocate instances (75% true positive for DNS and CDN). As the technique employs only a handful of ICMP measurement and it is not protocol specific, we scale up it at large scale to perform a first census of IPv4 anycast, studying replica placement, deployment footprint and software running on anycast (awarded IETF Applied Network Researrh Prize)

Ongoing work, such as using this technique to monitor infrastructure evolution, or detect BGP hijacks has received attention by Google through a Google Faculty Research Award in August 2015. Results of successful projects will be disseminated internally at Google.

More information at http://perso.telecom-paristech.fr/~drossi/index.php?n=Dataset.Anycast