Funding: supported by the State Key Program of National Natural Science of China (91738202) and the Science & Technology Program of Beijing (Z171100005217001).
Abstract: With the booming development of terrestrial networks, scaling the terrestrial network over the satellite network to build an Integrated Terrestrial-Satellite Network (ITSN), and meanwhile to provide global Internet access, has become ever more attractive. Naturally, the widely and successfully used terrestrial routing protocols are promising protocols for integrating the terrestrial and satellite networks. However, terrestrial routing protocols, which rely on propagating routing messages to discover the New Network Topology (NNT) in a terrestrial network with rare topology changes, will suffer from overly numerous routing messages in a satellite network whose topology changes frequently as satellites move. In this paper, a Topology Discovery Sub-layer for ITSN Routing Schemes (TDS-IRS) is first proposed to avoid the propagation of numerous routing messages by taking advantage of the movement predictability of satellites and the requirements of routing schemes to discover the NNT in advance of a topology change. Secondly, a Weighted Perfect Matching based Topology Discovery (WPM-TD) model is designed to conduct the NNT discovery on the ground. Thirdly, this paper builds a testbed with real network devices, and meanwhile interconnects that testbed with the real Internet, to validate that RS-TDS can discover the NNT immediately with less on-board overhead compared with optimized routing schemes. Finally, different network scenarios are applied to validate WPM-TD, i.e., the core module of TDS-IRS. Extensive experiments show that WPM-TD can work efficiently, avoiding invalid NNT discovery and decreasing 20% ~ 57% of potential topology changes, which can also improve up to 47% ~ 105% of network throughput.
Funding: This paper was supported by the National Natural Science Foundation of China under Grant No. 60973144 and the National Basic Research Program of China under Grant No. 2009CB320505.
Abstract: In order to discover more detailed topology information of a certain network, a lightweight approach is proposed, in which only one probe source is required. In this approach, a heuristic method of using the "traceroute" tool is introduced to collect more topology pieces. Based on those traces, subnets (or point-to-point links) in the backbone can be identified. With the identified information, a set of rules is developed to resolve router IP aliases. Experiments with both this approach and existing topology discovery methods are carried out on two real networks, i.e., TUNET, the Tsinghua University campus network, and CERNET (AS4538), the third largest ISP network of China. According to the comparison, the approach in this paper can get much higher quality information about IP addresses, links, and routers. In conclusion, a more complete and accurate topology can be gained with this approach.
Abstract: IP geolocation determines the geographical location of Internet hosts from their IP addresses. IP geolocation is widely used for targeted advertising, online fraud detection, cyber-attack attribution and so on. It has gained much more attention in recent years since more and more physical devices are connected to cyberspace. Most geolocation methods cannot resolve the geolocation accuracy for devices with few landmarks around. In this paper, we propose a novel geolocation approach that is based on common routers as secondary landmarks (Common Routers-based Geolocation, CRG). We search for plenty of common routers by topology discovery among web server landmarks. We use statistical learning to study the localized (delay, hop)-distance correlation and locate these common routers. We locate the accurate positions of common routers and convert them into secondary landmarks to help improve the feasibility of our geolocation system in areas where landmarks are sparsely distributed. We manage to improve the geolocation accuracy and decrease the maximum geolocation error compared to one of the state-of-the-art geolocation methods. At the end of this paper, we discuss the reasons for the efficiency of our method and our future research.
Abstract: Software-Defined Network (SDN) represents a new network paradigm. Unlike conventional networks, SDNs separate control planes and data planes. The function of a data plane is enabled using switches, whereas that of a control plane is facilitated by a controller. The controller learns network topologies and makes traffic forwarding decisions. However, some serious vulnerabilities are gradually exposed in the topology management services of current SDN controller designs. These vulnerabilities mainly exist in host tracking and link discovery services. Attackers can exploit these weak points to poison the network topology information in SDN controllers. In this study, a novel solution is proposed to defend against topology poisoning attacks. By analyzing the existing topology attack principles and threat models, this work constructs legal conditions for host migration to detect host hijacking attacks. The checking of the Link Layer Discovery Protocol (LLDP) source and integrity is designed to defend against link fabrication attacks. A relay-type link fabrication attack detection method based on entropy is also designed. Results show that the proposed solution can effectively detect existing topological attacks and provide complete and comprehensive topological security protection.
Abstract: Resilient Packet Ring (RPR), or the Standard IEEE 802.17, is a new IP-based network technology proposed to replace SONET/SDH in metropolitan area networks. RPR is well-adapted to handle multimedia traffic and is efficient. However, when RPR networks are bridged, inter-ring packets, or packets with the destination on a remote RPR network other than on the source network, are flooded on the source and the destination networks, and also on the path of the intermediate networks between the source and the destination networks. This decreases the available bandwidth for other traffic in those networks and is inefficient. As a result, we propose two solutions based on topology discovery, global topology discovery (GTD) and enhanced topology discovery (ETD), that prevent the flooding of inter-ring packets. GTD enables the bridges to determine the next-hop bridge for each destination. ETD enables the source node to determine a default ringlet, so that packets reach the next-hop bridge without flooding the source network. The proposed solutions were analyzed and the overhead bandwidth and stabilization time were shown to be bounded. Simulations performed showed that the proposed solutions successfully avoid flooding and achieve optimal efficiency in the intermediate and destination networks, and in the source networks with one bridge.