International delivery of Internet traffic often follows a similar pattern as the shipment of physical goods across borders. As with mailing foreign products or other goods to a country, where the postal carrier in the sender’s country may physically hand the package to a third-party international shipper, who then would deliver it over to the destination country’s postal service, so do the Internet’s Autonomous Systems (ASes or individual organizations operating networks) often follow a multi-party chain of delivery. Identifying the ASes that serve as the critical intermediary between networks in one country and their foreign counterparts has important implications for the security, resiliency and privacy of the country’s incoming traffic, and is the overall purpose of this dissertation. Such networks are in a privileged position to observe, manipulate or disrupt Internet traffic towards the country. A wide array of unforeseen events affecting these networks–such as natural disasters, targeted attacks from foreign adversaries, accidental and wide-scale configuration errors–may disable the Internet connectivity of entire countries. These concerns are not hypothetical, as such disconnections have occurred in the recent past.
Identifying Centralized Topological Ports of Entry in Developing Countries
We call intermediate network operators who carry inbound international traffic topological ports of entry. As with the physical delivery of goods, not all inbound Internet traffic occurs through primary topological ports of entry, but identifying these ASes is still important as (taken together as a group) they will deliver the majority of the country’s traffic coming from other countries. The identification of these intermediary ASes, typically called transit providers in the Internet measurements literature, poses considerable technical challenges. Foremost among those is that publicly available data on international wide-area networking (particularly routes announced using the Border Gateway Protocol or BGP, which is the mechanism network operators widely use to announce routes to and from one another) is heavily biased towards routes seen from a small set of measurement vantage points which are themselves located in a small number of countries. This challenge of visibility is particularly pervasive in developing, remote countries, where public BGP measurement infrastructure is either minimal or nonexistent.
This dissertation develops a comprehensive set of tools, including both collection mechanisms and data analysis techniques, to find the main transit providers in remote countries, such as those in parts of Latin America, Africa, South and Central Asia, Eastern Europe and the South Pacific. By improving our understanding of the diversity of inbound connectivity in those regions, our research will identify countries who are particularly at risk of disconnection from the Internet following a configuration error, targeted attack or natural disaster, since their traffic is mostly delivered by a single transit provider (or, at most, a handful of them). Should these countries improve their diversity of connectivity, for example by deploying additional undersea or terrestrial cables to other countries or making more effective use of existing ones, they would improve the resiliency of the inbound Internet connectivity of their users.
The identification of each country’s most important topological ports of entry offers another set of opportunities to both improve the quality and reduce the cost of Internet service for users in remote regions, by facilitating the establishment of connectivity agreements between large multinational transit providers and domestic Internet service providers. Determining who to partner with in each country is an important business decision for the transit providers who have the capability to improve the connectivity of the country, so having access to the results of this dissertation’s analysis may help such (usually foreign) operators in finding domestic partners in each country. The ensuing expansion of diversity of connectivity, and of the country’s inbound capacity to handle Internet traffic, would have the potential to meaningfully improve access to digital technologies by underserved populations.
Identifying Topological Ports of Entry Towards Critical Infrastructure Organizations
Not all shipments are created equal when it comes to how sensitive their contents are, and the same is true of Internet traffic. For instance, we are usually more careful when assigning who gets to handle a shipment of missile parts (which may be limited to a small group of defense contractors) than we would be with one of staplers (which may be done by any shipper). Some Internet traffic is similarly sensitive, including that which has a destination in government, education, finance, healthcare providers, or electric grid operators. This dissertation aims at identifying these critical organizations and determining which topological port of entry they use for traffic coming from other countries.
Of particular concern are ports of entry ASes owned by foreign governments, as that creates opportunities for surveillance or disruption of traffic towards critical organizations. Being a carrier of inbound traffic may allow such state actors to selectively disconnect services for political or military gain, to inject misinformation into the country’s political discourse, or to identify opportunities for compromising additional critical sectors in the country. Some of these state-owned telecommunications providers may be indirectly connected to the country’s critical infrastructure, for example by connecting the primary topological port of entry to the rest of the Internet, which would limit the issue’s visibility by national governments. By revealing such dependencies, our research has the potential to strengthen the security of traffic flowing towards critical organizations in each country, and therefore of reducing the risk of foreign surveillance, content manipulation, and targeted disconnections.
Revealing Private Topological Ports of Entry in the U.S.
In some countries, likely including the United States, the majority of traffic is not delivered through transit providers, but rather by the equivalent of a dense set of bilateral or multilateral private shippers with proprietary agreements (called peering agreements), perhaps analogous to private mail carriers who use their own facilities and do not ever rely on the U.S. Postal Service. Understanding the primary topological ports of entry in those countries requires a set of tools and techniques to actively reveal these private international routes. One of the most widely used such tools is traceroute, which as its name indicates allows the sender of an Internet message to track the route it takes towards a particular destination; an equivalent would be to send a physical package to the U.S. using a private mail carrier, and tracking the various intermediate ports (including the U.S. ports of entry) on the carrier’s website. The viability of traceroute as a mapping tool is greatly limited by the availability of devices to send the probing messages from, as peering routes between network operators will only be taken for specific sources and destinations – unlike routes traversing a transit provider, which would be taken by messages towards a destination from most sources.
As a result of this and other technical challenges, visibility of private peering agreements in public datasets is poor. This dissertation aims to expand that visibility and reveal the topological ports of entry towards large U.S. Internet providers. Identifying these ASes with peering agreements would reveal the main routes taken towards Internet users in the U.S. (and other countries with dense peering fabrics), and provide an assessment of how vulnerable they are to targeted disconnections; while it may be difficult for any one of these peer networks to completely disconnect U.S. users from the Internet, they might still be able to selectively disconnect popular web-based services or inject misinformation into the country’s inbound traffic. Further, by virtue of having a direct peering agreement with broadband operators, these networks are in a privileged position to observe other routes towards the country (those traversing a different AS that are announced through the same shared BGP infrastructure), potentially allowing foreign adversaries to identify valuable targets in their quest to observe or disrupt traffic towards the country. Our research would illuminate these threats and inform the public of the resilience, robustness and security of their country’s inbound Internet traffic, potentially allowing for risk mitigation by incentivizing the enactment of changes in public or private policy.