Graciela Perera, Nathan Miller, J. Mela, M. Mcgarry, Jaime C. Acosta
{"title":"在detlab中模拟internet拓扑快照","authors":"Graciela Perera, Nathan Miller, J. Mela, M. Mcgarry, Jaime C. Acosta","doi":"10.1145/2435349.2435371","DOIUrl":null,"url":null,"abstract":"Investigating the Internet's topology is one component towards developing mechanisms that can protect the communication infrastructure underlying our critical systems and applications. We study the feasibility of capturing and fitting Internet's topology snapshots to an emulated environment called Deterlab. Physical limitations on Deterlab include the number of nodes available (i.e., about 400) and the number of interfaces (i.e., 4) to interconnect them. For example, one Internet's topology snapshot at the Autonomous Systems (AS) level has about 100 nodes with 5 nodes requiring more than 4 interfaces. In this paper, we present a short summary of the Internet's topology snapshots collected and propose a solution on how we can represent the snapshots in Deterlab and overcome the limitation of nodes requiring more than four interfaces. Preliminary results show that all paths from snapshots are maintained if a node requiring more than four interfaces had no more than four other nodes requiring four interfaces. Also, we constructed a proof of concept that captures the main idea of using then snapshots in a security experiment in Deterlab. The topology shows a Multiple Origin Autonomous System (MOAS) conflict for 10 nodes. It is scalable to larger topologies in Deterlab because we have automated the topology creation and protocol configuration.","PeriodicalId":118139,"journal":{"name":"Proceedings of the third ACM conference on Data and application security and privacy","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Emulating internet topology snapshots in deterlab\",\"authors\":\"Graciela Perera, Nathan Miller, J. Mela, M. Mcgarry, Jaime C. Acosta\",\"doi\":\"10.1145/2435349.2435371\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Investigating the Internet's topology is one component towards developing mechanisms that can protect the communication infrastructure underlying our critical systems and applications. We study the feasibility of capturing and fitting Internet's topology snapshots to an emulated environment called Deterlab. Physical limitations on Deterlab include the number of nodes available (i.e., about 400) and the number of interfaces (i.e., 4) to interconnect them. For example, one Internet's topology snapshot at the Autonomous Systems (AS) level has about 100 nodes with 5 nodes requiring more than 4 interfaces. In this paper, we present a short summary of the Internet's topology snapshots collected and propose a solution on how we can represent the snapshots in Deterlab and overcome the limitation of nodes requiring more than four interfaces. Preliminary results show that all paths from snapshots are maintained if a node requiring more than four interfaces had no more than four other nodes requiring four interfaces. Also, we constructed a proof of concept that captures the main idea of using then snapshots in a security experiment in Deterlab. The topology shows a Multiple Origin Autonomous System (MOAS) conflict for 10 nodes. It is scalable to larger topologies in Deterlab because we have automated the topology creation and protocol configuration.\",\"PeriodicalId\":118139,\"journal\":{\"name\":\"Proceedings of the third ACM conference on Data and application security and privacy\",\"volume\":\"45 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-02-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the third ACM conference on Data and application security and privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2435349.2435371\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the third ACM conference on Data and application security and privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2435349.2435371","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Investigating the Internet's topology is one component towards developing mechanisms that can protect the communication infrastructure underlying our critical systems and applications. We study the feasibility of capturing and fitting Internet's topology snapshots to an emulated environment called Deterlab. Physical limitations on Deterlab include the number of nodes available (i.e., about 400) and the number of interfaces (i.e., 4) to interconnect them. For example, one Internet's topology snapshot at the Autonomous Systems (AS) level has about 100 nodes with 5 nodes requiring more than 4 interfaces. In this paper, we present a short summary of the Internet's topology snapshots collected and propose a solution on how we can represent the snapshots in Deterlab and overcome the limitation of nodes requiring more than four interfaces. Preliminary results show that all paths from snapshots are maintained if a node requiring more than four interfaces had no more than four other nodes requiring four interfaces. Also, we constructed a proof of concept that captures the main idea of using then snapshots in a security experiment in Deterlab. The topology shows a Multiple Origin Autonomous System (MOAS) conflict for 10 nodes. It is scalable to larger topologies in Deterlab because we have automated the topology creation and protocol configuration.