Cecilia Testart, assistant professor at Trinity College, will present the seminar, “Towards data-driven Internet routing security.”

Abstract

The Internet ecosystem is critical for the reliability of online daily life. However, key Internet protocols, such as the Border Gateway Protocol (BGP), were not designed to cope with untrustworthy parties, making them vulnerable to misconfigurations and attacks from anywhere in the network. Recently, unintended route leaks caused a significant amount of Internet traffic towards major providers including Google, Facebook, and Amazon to be dropped for hours, and through BGP prefix hijacking, perpetrators have stolen millions in fraudulent transactions. These problems are longstanding, and increasingly pressing. There have been many proposals by the research community and the IETF to increase security, but little has changed in operational environments. The problem space is complex: it involves multiple stakeholders, with different interests and resources available, and increasingly, geopolitical challenges.

In this talk, Testart will present an evidence-based data-driven approach to improve routing infrastructure security. Taking advantage of public and private routing data and manually gathering ground truth of routing events, she performs longitudinal analysis of routing data to characterize relevant aspects of network-level and Internet-wide behavior over time. Applying this approach, she identifies and characterize the routing-level behavior of serial hijackers, networks that persistently hijack IP address blocks in BGP, and demonstrate how their BGP behavior differs from that of benign networks. Then, using machine learning tools, she identifies networks in the Internet with similar behavior to narrow down the focus on suspect networks. She’ll also show how following similar approaches she can quantify the benefits of the RPKI security framework against potential hijacks, and identify the route leaks that boomerang traffic from the core of the Internet to the edge and then back to the core. This work improves our understanding about how our Internet actually works and opens up new research questions in the area of data-driven security analysis. The outcome of this research has been used by industry and researchers for network reputation and to verify RPKI enforcement.

Bio

Cecilia Testart is a Ph.D. candidate in electrical engineering and computer science at MIT. She is part of the Advanced Network Architecture group and the Internet Policy Research Initiative, working with David D. Clark. Her doctoral research focuses on securing the Internet’s core routing protocols, leveraging empirical data-driven approaches to understand the impact of protocol design in security and taking a comprehensive perspective, considering both technical and policy challenges, to improve the current state-of-the-art. Teststart holds engineering degrees from Universidad de Chile and Ecole Centrale Paris. She also holds a dual-master degree in technology and policy and electrical engineering and computer science from MIT. Prior to joining MIT, she helped set up the Chilean office of Inria (the French National Institute for Research in Digital Science and Technology) and worked for the research lab of the .CL, the Chilean top-level domain. She has interned at Akamai, MSR and the OECD. Cecilia’s work was awarded with a Distinguished paper award at the ACM Internet Measurement Conference in 2019.

Upcoming Events