Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
www.caida.org > publications : papers : 2011 : outages_censorship
Analysis of Country-wide Internet Outages Caused by Censorship

A version of this paper was later published in 2014 to IEEE/ACM Transactions on Networking (ToN).

A. Dainotti, C. Squarcella, E. Aben, K. Claffy, M. Chiesa, M. Russo, and A. Pescapè, “Analysis of Country-wide Internet Outages Caused by Censorship'', Nov 2011, pp. 1--18.
|  View full paper:    DOI    PDF    |  View citation:    BibTeX  |

Analysis of Country-wide Internet Outages Caused by Censorship

Alberto Dainotti 4
Claudio Squarcella 3
Emile Aben 2
Kimberly Claffy 1
Marco Chiesa 3
Michele Russo 4
Antonio Pescapè 4
1

CAIDA,San Diego Supercomputer Center,University of California, San Diego

2

RIPE NCC, Amsterdam, The Netherlands

3

Roma Tre University

4

University of Napoli Federico II,
Napoli, Italy

In the first months of 2011, Internet communications were disrupted in several North African countries in response to civilian protests and threats of civil war. In this paper we analyze episodes of these disruptions in two countries: Egypt and Libya. Our analysis relies on multiple sources of large-scale data already available to academic researchers: BGP interdomain routing control plane data; unsolicited data plane traffic to unassigned address space; active macroscopic traceroute measurements; RIR delegation files; and MaxMind's geolocation database. We used the latter two data sets to determine which IP address ranges were allocated to entities within each country, and then mapped these IP addresses of interest to BGP-announced address ranges (prefixes) and origin ASes using publicly available BGP data repositories in the U.S. and Europe. We then analyzed observable activity related to these sets of prefixes and ASes throughout the censorship episodes. Using both control plane and data plane data sets in combination allowed us to narrow down which forms of Internet access disruption were implemented in a given region over time. Among other insights, we detected what we believe were Libya's attempts to test firewall-based blocking before they executed more aggressive BGP-based disconnection. Our methodology could be used, and automated, to detect outages or similar macroscopically disruptive events in other geographic or topological regions.

  Last Modified: Mon Oct-13-2014 17:47:33 PDT
  Page URL: http://www.caida.org/publications/papers/2011/outages_censorship/index.xml