Predicting catastrophic BGP routing instabilities
Authors
Nguyen, Lien K.
Subjects
Catastrophic BGP routing instabilities
Macro-Level and Micro-Level Metrics Correlation
Worm attack studies
Macro-Level and Micro-Level Metrics Correlation
Worm attack studies
Advisors
Xie, Geoffrey
Date of Issue
2004-03
Date
March 2004
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Inter-domain routing connects individual pieces of Internet topology, creating an integral, global data delivery infrastructure. Currently, this critical function is performed by the Border Gateway Protocol (BGP) version 4 [RFC1771]. Like all routing protocols, BGP is vulnerable to instabilities that reduce its effectiveness. Among the causes of these instabilities are those which are maliciously induced. Although there are other causes, e.g., natural events and network anomalies, this thesis will focus exclusively on maliciously induced instabilities. Most current models that attempt to predict a BGP routing instability confine their focus to either macro- or micro-level metrics, but not to both. The inherent limitations of each of these forms of metric gives rise to an excessive rate of spurious alerts, both false positives and false negatives. It is the original intent of this thesis to develop an improved BGP instability prediction model by statistically combining BGP instability metrics with user level performance metrics. The motivation for such a model is twofold. 1) To provide sufficient prior warning of impending failure to facilitate proactive protection measures. 2) To improve warning reliability beyond existing models, by demonstrably reducing both false positives and false negatives. However, our analysis of actual network trace data shows that a widely used BGP instability metric, the total number of update messages received in a time period, is not a good indicator of future user level performance.
Type
Thesis
Description
Series/Report No
Department
Computer Science (CS)
Organization
Naval Postgraduate School (U.S.)
Identifiers
NPS Report Number
Sponsors
Funder
Format
xii, 157 p. : (col. graphs)
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.