Due to a ransomware attack, the wiki was reverted to a July 2022 version. . We apologize for the lack of a more recent valid backup.
| Warning |
|---|
Page under construction |
| Table of Contents |
|---|
Team
| Name | Organization | Role | |
|---|---|---|---|
| Dimitris Mavrommatis | ON.Lab / Foundation for Research and Technology - Hellas (FORTH), Institute of Computer Science, INSPIRE group | Lead Developer | dimitris@onlab.us |
| Lefteris Manassakis | Foundation for Research and Technology - Hellas (FORTH), Institute of Computer Science, INSPIRE group | Engineering Supervisor / | |
| Vasileios Kotronis | Foundation for Research and Technology - Hellas (FORTH), Institute of Computer Science, INSPIRE group | Research Supervisor / | vkotronis@ics.forth.gr |
Overview and Goals
Prefix hijacking is a common phenomenon in the Internet that often causes routing problems and economic losses [13]. ARTEMIS [1,10] is a tool that enables , usable by network administrators, to detect in real-time and automatically mitigate prefix hijacking incidents against their own prefixes, employing self-monitoring on the AS level. ARTEMIS is based on the employs real-time monitoring of BGP data in the Internet and can completely mitigate (e.g., BGP updates exported by route collectors) and can: (a) detect a prefix hijacking within a few seconds from its launch, and (b) completely mitigate the hijack within a few minutes (e.g., 2-5 minutes in the initial experiments with the PEERING testbed [2]) after it has been launched. This fast response time enables legitimate ASes to quickly counter the hijack based on data they observe themselves on the control plane.
The goal of this project is to implement the ARTEMIS system as a multi-module application running on top of ONOS [9], using the prior work and code-base of the SDN-IP project [3,8], as well as test testing the system application over a real BGP testbed such as PEERING [2]. The final objective is to have an open-source implementation of ARTEMIS running on top of a popular production-grade Network Operating System. This implementation will then enable researchers and operators to test miscellaneous BGP prefix mitigation strategies over real-world testbeds and production networks, and extract results that are relevant to today’s ISP operations; such results would be otherwise not possible to produce.
Prerequisites
Basic knowledge of the BGP protocol and it's its best path selection algorithm is required in order to fully grasp understand the idea behind concepts of ARTEMIS. However, every user can try the demo can also be followed/tested without this prior knowledge.
ARTEMIS
...
Architecture and Functionality
...
ARTEMIS: System Description
...
Fig. 1: The ARTEMIS architecture.
ARTEMIS consists of three components: a detection, a mitigation, and a monitoring service as shown in Fig. 1.
The detection service runs continuously and combines control plane information from the AS itself, Periscope [7] (an LG API), the streaming services of RIPE RIS [4] and BGPstream (from RIPE RIS and RouteViews) [6], as well as BGPmon [5], which return in (near) real-time BGP routes/updates for a given list of prefixes and ASNs. By combining multiple sources, the delay of the detection phase is the minimum of the delays of these sources. The system can be parameterized (e.g., selecting LGs based on location and/or connectivity) to achieve trade-offs between monitoring overhead and detection efficiency/speed.
...