Improving Technical Security Open Internet Standards Technology

Hacking on BGP for Fun and Profit

Of all the many protocols that run over the Internet some are more fundamental than others. Border Gateway Protocol (BGP) is one of the more fundamental ones given that it provides the means for networks to announce their connectivity to each other. The Internet is a network of networks and BGP provides the glue that stitches the (approximately) fifty thousand networks that collectively deliver what we think of as the Internet together.

As we mentioned late last year, the Center for Applied Internet Data Analysis (CAIDA) hosted the inaugural BGP Hackathon at their premises in the University of California San Diego Supercomputer Center this weekend. The two-day event brought together around 90 researchers, practitioners, and students from around the world to develop tools to model, measure, and monitor the routing infrastructure of the Internet. Of the 90 attendees, 50 were competing in teams and 30 of those were graduate students. 33 travel grants were awarded and in addition to the 50 competing participants, there were 25 non-competing domain experts.

The event began with some introductory remarks and level-setting for the participants before the relative anarchy of team formation. Various participants introduced themselves, their expertise, and interest in working on specific challenges. Despite the freeform nature of the proceedings, the group quickly settled down to a manageable number of teams working on a diverse set of challenges and hacking commenced.

Participating teams worked on a variety of challenges, such as:

  • Improving BGP analysis and measurement tools
  • Improving network management tools with OpenConfig
  • Security, including longitudinal study of route validation with RPKI, automated mis-origination detection, and automated countermeasures
  • Visualisation of BGP data including realtime analysis
  • BGP dynamics including interactions between the control plane and data plane, anycast routing, and failover
  • Enhancing BGP daemons with new functionality
  • More realtime functionality for existing tools, e.g. CAIDA ASRank

The teams had an array of tools and data sources available to them during the event, and many of the original developers of these resources were on hand to provide expert guidance to the challenge participants. In addition, San Diego Supercomputer Center made available their COMET supercomputer for teams to use to speed up analysis tasks during their development work.

The Internet Society was one of the sponsors of the hackathon event and served on the Jury that selected four prize-winning teams from the various groups that participated in the event. The winning teams were (in no particular order):

  • Shane Alcock (University of Waikato, NZ) for developing advanced filtering mechanisms for the BGPStream software framework. Shane worked on his own and the results of his efforts will be widely used by the community to select which data a BGPStream application, script, or command-line tool must process.
  • Ricardo Schmidt (University of Twente, NL), Wouter de Vries (University of Twente, NL), Azzam Alsudais (CU Boulder, US), Roya Ensafi (Princeton University, US), and Nick Wolff (OARnet, US) for their work using the PEERING testbed and other tools to observe the impact on control plane and data plane when adding or removing anycast instances. Many content and infrastructure services on the Internet make use of anycast routing to improve service availability and performance. Understanding the dynamics of anycast routing better is an important contribution.
  • Ruwaifa Anwar (Stony Brook University, New York, US), Danilo Cicalese (Telecom ParisTech, FR), Nicolas Vivet (FNISA, FR), Kaname Nishizuka (NTT Communications, JP), Danilo Giordano (Politecnico di Torino, IT), Charles Brock (ICASA/NMT, US), and Bruno Machado (Universidade Federal de Minas Gerias, BR) for their work to automate detection of BGP anomalies. Using data feeds from RIPE RIS and BGPStream, potential anomalies were detected and then correlated with external data to minimise the incidence of false positives.
  • Massimo Candela (RIPE NCC, NL), Maite Gonzalez (NICLabs, Universidad de Chile, CL), Saif Hasan (Facebook, US) and Francesco Benedetto (Roma Tre University, IT) for their work to provide a real-time BGP monitoring service using BGPlay and output from BGPStream.

Selecting these winners wasn’t easy as all teams produced very exciting and interesting results especially when considering that many of the collaborators were new faces and the tools were new in many cases as well. The utility of USC’s PEERING testbed was greatly enhanced during the weekend and many of the challenge teams made productive use of the facility. The long-term goal of the testbed is to enable on-demand, safe, and controlled access to the Internet routing ecosystem for researchers and educators and USC plan to continue making further enhancements now that it has proved to be such a valuable resource. Other platforms made available to participants during the hackathon, e.g. BGPStream and BGPMon, also saw significant improvements during the weeks preceding (and during) the hackathon. 

In conclusion, this event was a great example of how careful planning and detailed organisation can yield excellent results. The participants all learned a great deal during the two days and came away with a much better understanding of the breadth of BGP-related research, the tools and data sources available to them, and most importantly a new set of colleagues and mentors to help them carry on their work. Here’s to the next one!

P.S. If you are interested in BGP and routing security in particular, you may also want to check out the Mutually Agreed Norms for Routing Security (MANRS) initiative.

Photo Credit: iStock
Building Trust Improving Technical Security Open Internet Standards Technology

CAIDA to Host Inaugural BGP Hackathon

If you’re a researcher interested in the mechanics and dynamics of the Internet routing system, please consider joining some of the world’s top Internet measurement researchers in San Diego next year for the CAIDA BGP Hackathon 2016. The event will take place on the weekend of February 6th and 7th, 2016, and will bring researchers and students from around the world together to develop tools to model, measure, and monitor the routing infrastructure of the Internet.

Participating teams will work on “challenges” that extend, integrate, and demonstrate the utility of BGP data sources and tools for understanding or solving practical problems (e.g., detecting BGP prefix hijacking, evaluating anycast performance, effectively visualizing phenomena). This is just the kind of work needed to help improve the security and resilience of the Internet’s routing infrastructure.

The hackathon will be held in San Diego the weekend immediately preceding the NANOG conference and the AIMS Workshop on Active Internet Measurements.

The Internet Society is supporting the event and I’ll be one of the judges, so I’d love to see you there! Here’s how to Apply to Participate!