Detalhes bibliográficos
| Ano de defesa: |
2024 |
| Autor(a) principal: |
Brivaldo Alves da Silva Junior |
| Orientador(a): |
Ronaldo Alves Ferreira |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Tese
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Fundação Universidade Federal de Mato Grosso do Sul
|
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Brasil
|
| Palavras-chave em Português: |
|
| Link de acesso: |
https://repositorio.ufms.br/handle/123456789/9584
|
Resumo: |
The Border Gateway Protocol (BGP) orchestrates Internet communications between Autonomous Systems (ASes). BGP's flexibility allows operators to express complex policies and deploy advanced traffic engineering systems. A key mechanism for this flexibility is tagging route announcements with BGP communities, which have arbitrary, operator-defined semantics, to pass information or requests from router to router. Typical uses of BGP communities include attaching metadata to route announcements, such as where a route was learned or whether it was received from a customer, and controlling route propagation, for example, to steer traffic to preferred paths or blackhole DDoS traffic. However, there is no standard for specifying the semantics nor a centralized repository that catalogs the meaning of BGP communities. The lack of standards and central repositories complicates the use of communities by the operator and research communities. The main goal of this thesis is to develop techniques to infer the semantics of BGP communities using publicly available data from BGP collectors. We first propose a set of techniques to infer location communities. Our techniques infer communities related to the entities or locations traversed by a route by correlating communities with AS paths. We also propose a set of heuristics to filter incorrect inferences introduced by misbehaving networks, sharing of BGP communities among sibling autonomous systems, and inconsistent BGP dumps. We apply our techniques to billions of routing records from public BGP collectors and make available a public database with more than 15 thousand location communities. Our comparison with manually-built databases shows our techniques provide high precision (93%), better coverage (81% recall), and dynamic updates, complementing operators' and researchers' abilities to reason about BGP community semantics. We also design and evaluate algorithms to automatically uncover BGP action communities and ASes that violate standard practices by consistently using the informational communities of other ASes, revealing undocumented relationships between them (e.g., siblings). Our experimental evaluation with billions of route announcements from public BGP route collectors from 2018 to 2023 uncovers previously unknown AS relationships and shows that our algorithm to identify action communities achieves average precision and recall of 92.5% and 86.5%, respectively. |
