...

$ onos-netcfg localhost ~/onos/tools/tutorials/artemis/configs/network-cfg.json
$ onos localhost

On your monitor, you should see a view similar to this:

Image Added

Fig. 4: ONOS instance, mininet and ONOS CLI.

Activate ARTEMIS using the ONOS CLI (reactive-routing must be activated first):

...

Now the hijacker (AS65003) will attract all the traffic away from AS65001 (destined to 40.0.0.0/8); at the same time, the ExaBGP speaker will send the BGP update of the hijack (among other updates seen by AS65004) to the ONOS instance (running ARTEMIS) and the hijack will be detected. Checking the logs, you will see that the attack is actually detected and the deaggregation mechanism has successfully mitigated the attack (by announcing the more specific prefixes 40.0.0.0/9 and 40.128.0.0/9 from the BGP speaker of the protected AS). After BGP converges and the control and data planes are consistent, the traffic of AS65001, destined to 40.0.0.0/8, returns to the protected AS.

Demo video

Fig. 45: The fully emulated demo topology.

...