Routers under Attack: a Graph-Based Analysis
Capodicasa, Laura
Promoteur(s) : Donnet, Benoît
Date de soutenance : 9-sep-2019/10-sep-2019 • URL permanente : http://hdl.handle.net/2268.2/7871
Détails
Titre : | Routers under Attack: a Graph-Based Analysis |
Auteur : | Capodicasa, Laura |
Date de soutenance : | 9-sep-2019/10-sep-2019 |
Promoteur(s) : | Donnet, Benoît |
Membre(s) du jury : | Leduc, Guy
Louveaux, Quentin |
Langue : | Anglais |
Discipline(s) : | Ingénierie, informatique & technologie > Ingénierie civile |
Institution(s) : | Université de Liège, Liège, Belgique |
Diplôme : | Master : ingénieur civil en informatique, à finalité spécialisée en "computer systems security" |
Faculté : | Mémoires de la Faculté des Sciences appliquées |
Résumé
[en] The generation of realistic maps of networks is of high interest since it gives a representative model of the Internet and thus of its properties. In this work, we will use a graph-based representation called an Internet router level map using data from publicly available datasets for which vertices are routers and edges are links between them.
To analyze these graphs we will chose several metrics representative of the graph structure and that will be interpreted in the context of network : the mean and maximum node degree, the node degree distribution, the graph density, the betweenness centrality, the clustering coefficient and the average clustering coefficient.
From there, we find a way to identify the vendor and hardware of each router of the map. This is call fingerprinting and we will based on ICMP time-exceeded replies (from traceroute probes of CAIDA’s public "IPv4 Routed /24 Topology" dataset), ICMP echo replies and ICMP address mask replies. We will obtain these two last information by launching a measurement campaign.
We will then simulated the malware propagation strategies targeting identified router vendors and having as effect the shut-down of a given percentage of randomly selected nodes of this vendor. This will be performed for several percentages, namely 0.1%, 0.5%, 1%, 2%, 5%, 10%, 25%, 50%, 75%, 90%, and for several vendors on AS 1239. Since the particular removed nodes should not impact too much the metrics, it will be performed 30 times for tuple [percentage, vendor hardware, AS] and the metric taken into consideration will be the mean on these 30 trials.
Fichier(s)
Document(s)
Description: TFE report
Taille: 2.31 MB
Format: Adobe PDF
Annexe(s)
Description: Zip file with the source code
Taille: 352.04 kB
Format: Unknown
Description: Plots generated (referred main report)
Taille: 8.21 MB
Format: Unknown
Citer ce mémoire
L'Université de Liège ne garantit pas la qualité scientifique de ces travaux d'étudiants ni l'exactitude de l'ensemble des informations qu'ils contiennent.