Name
Abstract | ||
|---|---|---|
In the first months of 2011, Internet communications were disrupted in several North African countries in response to civilian protests and threats of civil war. In this paper, we analyze episodes of these disruptions in two countries: Egypt and Libya. Our analysis relies on multiple sources of large-scale data already available to academic researchers: BGP interdomain routing control plane data, unsolicited data plane traffic to unassigned address space, active macroscopic traceroute measurements, RIR delegation files, and MaxMind's geolocation database. We used the latter two data sets to determine which IP address ranges were allocated to entities within each country, and then mapped these IP addresses of interest to BGP-announced address ranges (prefixes) and origin autonomous systems (ASs) using publicly available BGP data repositories in the US and Europe. We then analyzed observable activity related to these sets of prefixes and ASs throughout the censorship episodes. Using both control plane and data plane data sets in combination allowed us to narrow down which forms of Internet access disruption were implemented in a given region over time. Among other insights, we detected what we believe were Libya's attempts to test firewall-based blocking before they executed more aggressive BGP-based disconnection. Our methodology could be used, and automated, to detect outages or similar macroscopically disruptive events in other geographic or topological regions. |
Year | DOI | Venue |
|---|---|---|
2014 | 10.1109/TNET.2013.2291244 | Networking, IEEE/ACM Transactions |
Keywords | Field | DocType |
ip networks,internet,firewalls,telecommunication network routing,as,bgp interdomain routing control plane data,bgp-announced address ranges,bgp-based disconnection,egypt,europe,ip address mapping,ip address range allocation,internet access disruption,internet communications,libya,maxmind geolocation database,north african countries,rir delegation files,us,active macroscopic trace-route measurements,autonomous systems,censorship episodes,civil war threats,civilian protests,country-wide internet outage analysis,firewall-based blocking,geographic regions,macroscopically disruptive event detection,multiple large-scale data sources,observable activity analysis,outage detection,prefixes,publicly available bgp data repositories,topological regions,unassigned address space,unsolicited data plane traffic,censorship,internet background radiation,connectivity disruption,darknet,network telescope,outages,databases,routing,geology | Network telescope,Address space,Forwarding plane,Computer science,traceroute,Computer security,Geolocation,Computer network,Autonomous system (Internet),Internet access,The Internet | Journal |
Volume | Issue | ISSN |
22 | 6 | 1063-6692 |
Citations | PageRank | References |
33 | 2.03 | 27 |
Authors | ||
7 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| alberto dainotti | 1 | 44 | 2.58 |
| Claudio Squarcella | 2 | 76 | 8.76 |
| Emile Aben | 3 | 156 | 13.41 |
| Claffy, K.C. | 4 | 328 | 57.05 |
| Marco Chiesa | 5 | 101 | 8.20 |
| michele russo | 6 | 33 | 2.03 |
| Antonio Pescapè | 7 | 1076 | 87.91 |