dc.contributor.author
Wählisch, Matthias
dc.date.accessioned
2018-06-08T00:00:48Z
dc.date.available
2016-02-23T13:03:13.291Z
dc.identifier.uri
https://refubium.fu-berlin.de/handle/fub188/11317
dc.identifier.uri
http://dx.doi.org/10.17169/refubium-15515
dc.description
1 Introduction 1.1 A Primer on Current and Future Internet Communication 1.1.1
Core: The Border Gateway Protocol 1.1.2 Edge: Remote Attacks 1.1.3 From Edge
to Core: Information-Centric Networking 1.2 Challenges 1.2.1 Exposing a
Nation-Centric View on the Internet 1.2.2 Protecting the Current Internet
Backbone 1.2.3 Disclosing Internet Attacks on Mobile Devices 1.2.4 Identifying
Potentials and Limits of ICN to Protect a Future Internet 1.3 Contributions
and Outline 1.4 How to Read This Thesis 2 Exposing a Nation-Centric View on
the Internet 2.1 Introduction 2.2 Related Work 2.3 Methodology 2.3.1 From
Internet Members to ASes 2.3.2 Tier and Sector Classification of Autonomous
Systems 2.3.3 Constructing Spanning AS Routing Graphs 2.4 Visualization 2.5
Analysis of the AS-Structure 2.5.1 Node Centrality 2.5.2 Degree Distribution
2.5.3 Distances 2.5.4 Context Dependent Peer Selection 2.6 Conclusion and
Outlook 3 Quantifying New Security Mechanisms in the Current Internet Backbone
3.1 Introduction 3.2 Background 3.2.1 BGP Vulnerability -- Prefix Hijacking
3.2.2 Towards Secure Inter-Domain Routing 3.2.3 Securing BGP with RPKI 3.3
Related Work 3.4 Threats on an RPKI/RTR-enabled Router 3.4.1 Manipulating ROA
Data 3.4.2 Denial of Service 3.4.3 Attack Model 3.5 RTRlib: A Library for RPKI
Router Support 3.5.1 Design 3.5.2 Architecture 3.5.3 Performance Evaluation
3.6 RPKI in the Wild 3.6.1 Measurement Setup 3.6.2 Evaluation 3.6.3 Invalid
Prefix Originations in Detail 3.6.4 Lessons Learned 3.7 Conclusion and Outlook
4 Analysing Effects of Content Delivery Infrastructure on Network Security 4.1
Introduction 4.2 Background 4.3 Related Work 4.4 Methodology 4.4.1 Selecting
Domain Names 4.4.2 Mapping Domains to IP Addresses 4.4.3 Mapping IP Addresses
to Prefixes and ASNs 4.5 Results 4.5.1 Basic RPKI Insights: Infrastructure of
less popular sites is more secured 4.5.2 CDN-Content benefits from security by
third party ISPs 4.5.3 CDNs likely to cause reduced security of the popular
Web 4.6 Reasons for Reduced Deployment 4.7 RPKI Validation in Web Browsers
4.7.1 Design 4.7.2 Implementation 4.8 Conclusion and Outlook 5 Disclosing
Internet Attacks on Mobile Devices 5.1 Introduction 5.2 Background and Related
Work 5.2.1 Trapping Attackers with a Honeypot 5.2.2 Wireless versus Mobile
Honeypots 5.3 Mobile Honeypot System 5.3.1 Attacker Model 5.3.2 Design 5.3.3
Implementation 5.3.4 Deployment 5.4 Measurement Study 5.4.1 General
Observations 5.4.2 Comparative Detail Analysis 5.5 Conclusion and Outlook 6
Identifying Potentials and Limits of ICN to Protect a Future Internet 6.1
Introduction 6.2 Problem Statement 6.2.1 ICN System Model 6.2.2 Why
Information-Centric Networking is Challenged by Design 6.3 Related Work 6.4
Basic Threats to Stability 6.4.1 Routing or Mapping Resources 6.4.2 Forwarding
Resources 6.5 Experiments on State-based Forwarding 6.5.1 Core Measurement
Setup 6.5.2 Basic Experiments: Resource Consumption 6.5.3 Extended
Experiments: State Propagation and Correlation 6.6 Simulation of Complex
Networks 6.6.1 Simulation Setup 6.6.2 Results 6.7 Examples of Attack Scenarios
6.7.1 Attacks Related to Resource Exhaustion 6.7.2 Attacks Related to State
Decorrelation 6.7.3 Attacks Related to Path and Name Infiltration 6.8
Conclusion and Outlook 7 Summary List of Figures List of Tables Bibliography A
Publications of the Author (Last 5 Years) B Invited Talks C Supervised
Bachelor’s and Master’s Theses
dc.description.abstract
In this thesis, we start from the observation that the Internet is a critical
infrastructure, which needs severe protection. We take a practical view on
Internet security, considering the whole ecosystem including the network, end
devices, and services, protected and threatened by current and future Internet
protocols. We contribute tools, methodologies, and measurement results to
improve the current state of art as well as operational practice.
de
dc.description.abstract
Diese Arbeit geht von der Beobachtung aus, dass das Internet eine kritische
Inrfrastruktur ist, die besonderen Schutz bedarf. Die Arbeit orientiert sich
dabei an einer praktischen Sicht auf das Internet. Es wird das gesamte
Ökosystem bestehend aus Netzwerk, Endgeräten und Diensten betrachtet, welche
sowohl von aktuellen als auch zukünftigen Internet-Protokollen bedroht werden.
Die Arbeit trägt mit Werkzeugen, Methoden und Messungen zur Verbesserung des
aktuellen Standes von Wissenschaft und Technik und der operativen Praxis bei.
de
dc.format.extent
d, vi, 146 Seiten
dc.rights.uri
http://www.fu-berlin.de/sites/refubium/rechtliches/Nutzungsbedingungen
dc.subject.ddc
000 Informatik, Informationswissenschaft, allgemeine Werke::000 Informatik, Wissen, Systeme::003 Systeme
dc.title
Measuring and Implementing Internet Backbone Security
dc.contributor.contact
m.waehlisch@fu-berlin.de
dc.contributor.firstReferee
Prof. Dr.-Ing. Jochen Schiller
dc.contributor.furtherReferee
Prof. Dr.-Ing. Tanja Zseby
dc.date.accepted
2016-01-20
dc.identifier.urn
urn:nbn:de:kobv:188-fudissthesis000000101176-5
dc.title.subtitle
Current Challenges, Upcoming Deployment, and Future Trends
dc.title.translated
Messung und Implementierung von Internet-Backbone-Sicherheit
de
dc.title.translatedsubtitle
Aktuelle Herausforderungen, aufkommender Einsatz und zukünftige Entwicklungen
en
refubium.affiliation
Mathematik und Informatik
de
refubium.mycore.fudocsId
FUDISS_thesis_000000101176
refubium.mycore.derivateId
FUDISS_derivate_000000018728
dcterms.accessRights.dnb
free
dcterms.accessRights.openaire
open access
