Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis > funding : satc-mapkit
MapKIT - Investigating the Susceptibility of the Internet Topology to Country-level Connectivity Disruption and Manipulation
Sponsored by:
National Science Foundation (NSF)

In collaboration with Paul Barford (University of Wisconsin-Madison), we seek to develop methodologies to highlight and quantify macroscopic vulnerabilities of the Internet infrastructure, especially from the perspective of cyberterrorist attacks and cyber-conflicts between nation-states.

Principal Investigator(s): Alberto Dainotti, Amogh Dhamdhere

Funding source: NSF CNS-1705024. Period of performance: August 1, 2017 - July 31, 2021.

|   Project Summary    Proposal   |

Project Summary

To apply a military analogy to Internet research, the science of cybersecurity has focused heavily on weapons and tactics, but has largely neglected terrain. Strategic points in the macroscopic Internet topology constitute key terrain in the cyberspace battlefield. Adversaries/hackers, terrorists or nationstates - can disrupt, intercept or manipulate the Internet traffic of entire countries or regions by targeting structural weaknesses of the Internet topology. Despite much recent interest and a large body of research on cyber-attack vectors and mechanisms, we lack rigorous tools to reason about how the macroscopic Internet topology of a country or a region exposes its critical communication infrastructure to compromise through targeted attacks. Part of the problem is that collecting and interpreting data about the Internet connectivity, configurations and associated vulnerabilities is challenging. Due to the massive scale and broadly distributed nature of Internet infrastructure and the scarcity of publicly available data, we must resort to complex measurement and inference methodologies that require significant effort in design, implementation, and validation.

The first step of this project is to identify important components of the Internet topology of a country/region -- Autonomous Systems (ASes), Internet Exchange Points (IXPs), PoPs, colocation facilities, and physical cable systems which represent the "key terrain" in cyberspace. To achieve this goal we will undertake a novel multi-layer mapping effort to discover the key components, relationships between them, and their geographic properties, MapKIT (Mapping Key Internet Terrain). In the second phase, we will develop methods to identify components that represent potential topological weaknesses, i.e., compromising a few such components would allow an attacker to disrupt, intercept or manipulate Internet traffic of that country. Our multi-layer view of the system will enable an assessment of weaknesses, holistically as well as at specific layers, under various assumptions about the capabilities and knowledge of attackers. Geographic annotations will enable us to consider risks related to the geographic distribution of critical components of the communication infrastructure.

Understanding topological weaknesses for countries or regions is of significant interest to not just the research and operational communities, but also national security agencies, policy bodies, and in daily life. The project also promises significant advances in elucidating relationships between logical topologies at the AS-level and the physical topology of cables and Internet exchanges. We will make tools and data sets developed over the course of the project openly available to the community.

Proposed Timeline of Tasks

The schedule of work below shows how we plan to accomplish the proposed tasks in three years of the project.

SubtaskDescriptionYear 1Year 2Year 3Status
Task 1: Constructing a multi-layer topology map at the country/region level
1.1Identify ASes active in a countryQ1done
1.2Infer logical connectivity between ASes active in a countryQ2Q3done
1.3Develop techniques to map logical connectivity to the router, exchange and facility levelQ3Q4Q1Q2
1.4Identify and map Internet physical infrastructureQ3Q4Q1Q2Q3Q4in progress
1.5Expand the perspective of connectivity within a countryQ1Q2Q3Q4in progress
Task 2: Identifying and quantifying susceptibility to attacks
2.1Create graph representations for the multi-layer mapQ1Q2
2.2Compute the strategic value of topological componentsQ3Q4Q1in progress
2.3Identify topological components with high strategic value and quantify riskQ3Q4Q1Q2Q3Q4in progress
2.4Study the evolution of the topology and topological weaknesses of countries/regions over timeQ1Q2Q3Q4

We will organize a project Workshop in Year 2.

  Last Modified: Sat Oct-31-2020 04:25:22 UTC
  Page URL: