Hacking on BGP for Fun and Profit Thumbnail
Improving Technical Security 10 February 2016

Hacking on BGP for Fun and Profit

By Mat FordTechnology Program Manager

Of all the many protocols that run over the Internet some are more fundamental than others. Border Gateway Protocol (BGP) is one of the more fundamental ones given that it provides the means for networks to announce their connectivity to each other. The Internet is a network of networks and BGP provides the glue that stitches the (approximately) fifty thousand networks that collectively deliver what we think of as the Internet together.

As we mentioned late last year, the Center for Applied Internet Data Analysis (CAIDA) hosted the inaugural BGP Hackathon at their premises in the University of California San Diego Supercomputer Center this weekend. The two-day event brought together around 90 researchers, practitioners, and students from around the world to develop tools to model, measure, and monitor the routing infrastructure of the Internet. Of the 90 attendees, 50 were competing in teams and 30 of those were graduate students. 33 travel grants were awarded and in addition to the 50 competing participants, there were 25 non-competing domain experts.

The event began with some introductory remarks and level-setting for the participants before the relative anarchy of team formation. Various participants introduced themselves, their expertise, and interest in working on specific challenges. Despite the freeform nature of the proceedings, the group quickly settled down to a manageable number of teams working on a diverse set of challenges and hacking commenced.

Participating teams worked on a variety of challenges, such as:

  • Improving BGP analysis and measurement tools
  • Improving network management tools with OpenConfig
  • Security, including longitudinal study of route validation with RPKI, automated mis-origination detection, and automated countermeasures
  • Visualisation of BGP data including realtime analysis
  • BGP dynamics including interactions between the control plane and data plane, anycast routing, and failover
  • Enhancing BGP daemons with new functionality
  • More realtime functionality for existing tools, e.g. CAIDA ASRank

The teams had an array of tools and data sources available to them during the event, and many of the original developers of these resources were on hand to provide expert guidance to the challenge participants. In addition, San Diego Supercomputer Center made available their COMET supercomputer for teams to use to speed up analysis tasks during their development work.

The Internet Society was one of the sponsors of the hackathon event and served on the Jury that selected four prize-winning teams from the various groups that participated in the event. The winning teams were (in no particular order):

  • Shane Alcock (University of Waikato, NZ) for developing advanced filtering mechanisms for the BGPStream software framework. Shane worked on his own and the results of his efforts will be widely used by the community to select which data a BGPStream application, script, or command-line tool must process.
  • Ricardo Schmidt (University of Twente, NL), Wouter de Vries (University of Twente, NL), Azzam Alsudais (CU Boulder, US), Roya Ensafi (Princeton University, US), and Nick Wolff (OARnet, US) for their work using the PEERING testbed and other tools to observe the impact on control plane and data plane when adding or removing anycast instances. Many content and infrastructure services on the Internet make use of anycast routing to improve service availability and performance. Understanding the dynamics of anycast routing better is an important contribution.
  • Ruwaifa Anwar (Stony Brook University, New York, US), Danilo Cicalese (Telecom ParisTech, FR), Nicolas Vivet (FNISA, FR), Kaname Nishizuka (NTT Communications, JP), Danilo Giordano (Politecnico di Torino, IT), Charles Brock (ICASA/NMT, US), and Bruno Machado (Universidade Federal de Minas Gerias, BR) for their work to automate detection of BGP anomalies. Using data feeds from RIPE RIS and BGPStream, potential anomalies were detected and then correlated with external data to minimise the incidence of false positives.
  • Massimo Candela (RIPE NCC, NL), Maite Gonzalez (NICLabs, Universidad de Chile, CL), Saif Hasan (Facebook, US) and Francesco Benedetto (Roma Tre University, IT) for their work to provide a real-time BGP monitoring service using BGPlay and output from BGPStream.

Selecting these winners wasn’t easy as all teams produced very exciting and interesting results especially when considering that many of the collaborators were new faces and the tools were new in many cases as well. The utility of USC’s PEERING testbed was greatly enhanced during the weekend and many of the challenge teams made productive use of the facility. The long-term goal of the testbed is to enable on-demand, safe, and controlled access to the Internet routing ecosystem for researchers and educators and USC plan to continue making further enhancements now that it has proved to be such a valuable resource. Other platforms made available to participants during the hackathon, e.g. BGPStream and BGPMon, also saw significant improvements during the weeks preceding (and during) the hackathon. 

In conclusion, this event was a great example of how careful planning and detailed organisation can yield excellent results. The participants all learned a great deal during the two days and came away with a much better understanding of the breadth of BGP-related research, the tools and data sources available to them, and most importantly a new set of colleagues and mentors to help them carry on their work. Here’s to the next one!

P.S. If you are interested in BGP and routing security in particular, you may also want to check out the Mutually Agreed Norms for Routing Security (MANRS) initiative.

Photo Credit: iStock

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Building Trust 21 February 2020

NDSS 2020: The Best in Security Research – For the Good of the Internet

On 23 February, the 27th consecutive Network and Distributed System Security Symposium (NDSS) kicks off in San Diego, CA....

Improving Technical Security 23 October 2019

Securing the Internet: Introducing Oracle Internet Intelligence IXP Filter Check

Oracle is an Organization Member of the Internet Society. We welcome this guest post announcing a new tool that...

Improving Technical Security 4 October 2019

Network Operators in Latin America and the Caribbean Take Steps to Strengthen Routing Security

2019 has been a very good year for the Internet in Latin America and the Caribbean. In May, during...