Faculté des Sciences appliquées
Faculté des Sciences appliquées

Routers under Attack: a Graph-Based Analysis

Capodicasa, Laura ULiège
Promotor(s) : Donnet, Benoît ULiège
Date of defense : 9-Sep-2019/10-Sep-2019 • Permalink :
Title : Routers under Attack: a Graph-Based Analysis
Author : Capodicasa, Laura ULiège
Date of defense  : 9-Sep-2019/10-Sep-2019
Advisor(s) : Donnet, Benoît ULiège
Committee's member(s) : Leduc, Guy ULiège
Louveaux, Quentin ULiège
Language : English
Discipline(s) : Engineering, computing & technology > Civil engineering
Institution(s) : Université de Liège, Liège, Belgique
Degree: Master : ingénieur civil en informatique, à finalité spécialisée en "computer systems security"
Faculty: Master thesis of the Faculté des Sciences appliquées


[en] The generation of realistic maps of networks is of high interest since it gives a representative model of the Internet and thus of its properties. In this work, we will use a graph-based representation called an Internet router level map using data from publicly available datasets for which vertices are routers and edges are links between them.

To analyze these graphs we will chose several metrics representative of the graph structure and that will be interpreted in the context of network : the mean and maximum node degree, the node degree distribution, the graph density, the betweenness centrality, the clustering coefficient and the average clustering coefficient.

From there, we find a way to identify the vendor and hardware of each router of the map. This is call fingerprinting and we will based on ICMP time-exceeded replies (from traceroute probes of CAIDA’s public "IPv4 Routed /24 Topology" dataset), ICMP echo replies and ICMP address mask replies. We will obtain these two last information by launching a measurement campaign.

We will then simulated the malware propagation strategies targeting identified router vendors and having as effect the shut-down of a given percentage of randomly selected nodes of this vendor. This will be performed for several percentages, namely 0.1%, 0.5%, 1%, 2%, 5%, 10%, 25%, 50%, 75%, 90%, and for several vendors on AS 1239. Since the particular removed nodes should not impact too much the metrics, it will be performed 30 times for tuple [percentage, vendor hardware, AS] and the metric taken into consideration will be the mean on these 30 trials.



Access RouterUnderAttacks_TFE.pdf
Description: TFE report
Size: 2.31 MB
Format: Adobe PDF


Description: Zip file with the source code
Size: 352.04 kB
Format: Unknown
Description: Plots generated (referred main report)
Size: 8.21 MB
Format: Unknown


  • Capodicasa, Laura ULiège Université de Liège > Master ingé. civ. info., à fin.


Committee's member(s)

  • Leduc, Guy ULiège Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques
    ORBi View his publications on ORBi
  • Louveaux, Quentin ULiège Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Systèmes et modélisation : Optimisation discrète
    ORBi View his publications on ORBi
  • Total number of views 42
  • Total number of downloads 8

All documents available on MatheO are protected by copyright and subject to the usual rules for fair use.
The University of Liège does not guarantee the scientific quality of these students' works or the accuracy of all the information they contain.