The Journal of Supercomputing

, Volume 74, Issue 10, pp 4965–4985 | Cite as

Identifying critical autonomous systems in the Internet

  • Abdullah Yasin NurEmail author
  • Mehmet Engin Tozal


The Internet not only facilitates our daily activities, such as communication, entertainment and shopping but also serves as the enabling technology for many critical services, including finance, manufacturing, healthcare and transportation. On the other hand, a wide spectrum of attacks targets its communication infrastructure to disable or disrupt the network connectivity and traffic flow until recovery processes take place. Attacking all autonomous systems (ASes) in the Internet is typically beyond the capability of an adversary. Therefore, targeting a small number of ASes which results in the highest impact is the best strategy for attackers. Similarly, it is important for network practitioners to identify, fortify and secure those critical ASes to mitigate the impact of the attacks. In this study we introduce an intuitive and effective measure, IP address spatial path stress centrality, to assess and identify the critical ASes in the Internet. We compare IP address spatial path stress centrality to the three well-known and widely used centrality measures, namely customer-cone size, node degree and betweenness. We demonstrate that the proposed measure incorporates business relations and IP address spaces to achieve a better measure for identifying the critical ASes in the Internet.


Autonomous systems Internet security Complex systems 


  1. 1.
    Hawkinson J, Bates T (1996) Guidelines for creation, selection, and registration of an autonomous system (AS). RFC 1930Google Scholar
  2. 2.
    Tozal ME (2016) The Internet: a system of interconnected autonomous systems. In: IEEE Systems Conference, Orlando, FL, USAGoogle Scholar
  3. 3.
    Luckie M, Huffaker B, Claffy K, Dhamdhere A, Giotsas V (2013) As relationships, customer cones, and validation. In: Internet Measurement Conference (IMC), Barcelona, ESPGoogle Scholar
  4. 4.
    Gao L (2001) On inferring autonomous system relationships in the internet. IEEE/ACM Trans Netw 9(6):733–745CrossRefGoogle Scholar
  5. 5.
    Giotsas V, Luckie M, Huffaker B, Claffy K (2014) Inferring complex AS relationships. In: ACM IMCGoogle Scholar
  6. 6.
  7. 7.
    Nur AY, Tozal ME (2016) Defending cyber-physical systems against dos attacks. In: IEEE International Conference on Smart Computing, St. Louis, MO, USAGoogle Scholar
  8. 8.
    Kang MS, Lee SB, Gligor VD (2013) The crossfire attack. In: IEEE Symposium on Security and Privacy, San Francisco, CA, USAGoogle Scholar
  9. 9.
    Bellovin S, Gansner ER (2004) Using link cuts to attack internet routing. Tech. rep, ATT ResearchGoogle Scholar
  10. 10.
    Schuchard M, Mohaisen A, Kune DF, Hopper N, Kim Y, Vasserman EY (2010) Losing control of the internet: using the data plane to attack the control plane. In: ACM Conference on Computer and Communications Security, Chicago, IL, USAGoogle Scholar
  11. 11.
    Butler K, Farley TR, McDaniel P, Rexford J (2010) A survey of bgp security issues and solutions. Proc IEEE 98(1):100–122CrossRefGoogle Scholar
  12. 12.
    Tozal ME (2017) Autonomous system ranking by topological characteristics: a comparative study. In: IEEE Systems Conference, Montreal, CanadaGoogle Scholar
  13. 13.
    Tozal ME (2018) Policy-preferred paths in AS-level Internet topology graphs. Theory Appl Graphs 5(1):1–32MathSciNetGoogle Scholar
  14. 14.
    Tozal ME (2016) Enumerating single destination, policy-preferred paths in AS-level Internet topology maps. In: IEEE Sarnoff Symposium, NJ, USAGoogle Scholar
  15. 15.
    Rueda DF, Calle E, Marzo JL (2017) Robustness comparison of 15 real telecommunication networks: Structural and centrality measurements. J Netw Syst Manag 25(2):269–289CrossRefGoogle Scholar
  16. 16.
    Wang Y, Zhang K (2016) Quantifying the flattening of internet topology. In: International Conference on Future Internet TechnologiesGoogle Scholar
  17. 17.
    Latora V, Nicosia V, Russo G (2017) Complex networks: principles, methods and applications. Cambridge University Press, CambridgeCrossRefGoogle Scholar
  18. 18.
    Zimmerli L, Tellenbach B, Wagner A, Plattner B (2009) Rating autonomous systems. In: Internet monitoring and protection (ICIMP)Google Scholar
  19. 19.
    Clérot F, Nguyen Q (2005) A social network approach for the ranking of the autonomous systems of the Internet. In: Link analysis workshopGoogle Scholar
  20. 20.
    Wagner C, François J, State R, Dulaunoy A, Engel T, Massen G (2013) Asmatra: ranking ass providing transit service to malware hosters. In: Integrated network management, IFIP/IEEEGoogle Scholar
  21. 21.
    Dimitropoulos X, Krioukov D, Riley G, claffy K (2006) Revealing the autonomous system taxonomy: The machine learning approach. In: Passive and active network measurement workshop (PAM), Adelaide, AustraliaGoogle Scholar
  22. 22.
    Rekhter Y, Li T, Hares S (2006) A Border Gateway Protocol 4 (BGP-4). RFC 4271 (Draft Standard)Google Scholar
  23. 23.
    Wang H, Song M (2011) Ckmeans.1d.dp: optimal k-means clustering in one dimension by dynamic programming. R J 3(2):29–33Google Scholar
  24. 24.
    Freeman LC (1977) A set of measures of centrality based on betweenness. Sociometry 40(1):35–41CrossRefGoogle Scholar
  25. 25.
    Shavitt Y, Weinsberg U (2012) Topological trends of internet content providers. In: SIMPLEXGoogle Scholar
  26. 26.
    Emond EJ, Mason DW (2002) A new rank correlation coefficient with application to the consensus ranking problem. J Multi-Criteria Decis Anal 11(1):17–28CrossRefGoogle Scholar
  27. 27.
    Masoud MZ, Hei X, Cheng W (2013) A graph-theoretic study of the flattening internet as topology. In: IEEE International Conference on Networks, Singapore, SingaporeGoogle Scholar
  28. 28.
    Hiran R, Carlsson N, Shahmehri N (2016) Does scale, size, and locality matter? evaluation of collaborative bgp security mechanisms. In: IFIP Networking Conference, IEEE, pp 261–269Google Scholar
  29. 29.
    Perlman RJ (1988) Network layer protocols with byzantine robustness. Ph.D. thesis, Massachusetts Institute of TechnologyGoogle Scholar
  30. 30.
    Nicholes MO, Mukherjee B (2009) A survey of security techniques for the border gateway protocol (bgp). IEEE Commun Surv Tutor 11(1):52–65CrossRefGoogle Scholar
  31. 31.
    Kent S, Lynn C, Seo K (2000) Secure border gateway protocol (s-bgp). IEEE J Select Areas Commun 18(4):582–592CrossRefGoogle Scholar
  32. 32.
    Ng J et al (2004) Extensions to bgp to support secure origin bgp (sobgp). Tech. rep, Internet Draft, AprGoogle Scholar
  33. 33.
    Goodell G, Aiello W, Griffin T, Ioannidis J, McDaniel PD, Rubin AD (2003) Working around bgp: an incremental approach to improving security and accuracy in interdomain routing. In: NDSS, vol 23, p 156Google Scholar
  34. 34.
    Gómez-Arevalillo ADLR, Papadimitratos P (2017) Blockchain-based public key infrastructure for inter-domain secure routing. In: international workshop on open problems in network security (iNetSec), pp 20–38Google Scholar
  35. 35.
    Qiu SY, Monrose F, Terzis A, McDaniel PD (2006) Efficient techniques for detecting false origin advertisements in inter-domain routing. In: Secure network protocols, 2006. 2nd IEEE workshop on, IEEE, pp 12–19Google Scholar
  36. 36.
    Lad M, Massey D, Pei D, Wu Y, Zhang B, Zhang L (2006) Phas: a prefix hijack alert system. In: USENIX Security symposium, vol 1, p 3Google Scholar
  37. 37.
    Nur AY, Tozal ME (2018) Record route ip traceback: combating dos attacks and the variants. Comput Secur 72:13–25CrossRefGoogle Scholar
  38. 38.
    Kalkan K, Gür G, Alagöz F (2017) Filtering-based defense mechanisms against ddos attacks: a survey. IEEE Syst J 11(4):2761–2773CrossRefGoogle Scholar
  39. 39.
    Wisthoff M (2018) Ddos countermeasures. In: Information technology-new generations. Springer, pp 915–919Google Scholar
  40. 40.
    Gil TM, Poletto M (2001) Multops: A data-structure for bandwidth attack detection. In: USENIX Security Symposium, pp 23–38Google Scholar
  41. 41.
    Peng T, Leckie C, Ramamohanarao K (2004) Proactively detecting distributed denial of service attacks using source ip address monitoring. In: International Conference on Research in Networking, Springer, pp 771–782Google Scholar
  42. 42.
    Mahajan R, Bellovin SM, Floyd S, Ioannidis J, Paxson V, Shenker S (2002) Controlling high bandwidth aggregates in the network. ACM SIGCOMM Comput Commun Rev 32(3):62–73CrossRefGoogle Scholar
  43. 43.
    Peng T, Leckie C, Ramamohanarao K (2007) Survey of network-based defense mechanisms countering the dos and ddos problems. ACM Comput Surv (CSUR) 39(1):3CrossRefGoogle Scholar
  44. 44.
    Baker F, Savola P (2004) Ingress filtering for multihomed networks. RFC 3704Google Scholar
  45. 45.
    Kalkan K, Alagöz F (2016) A distributed filtering mechanism against ddos attacks: Scoreforcore. Comput Netw 108:199–209CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.School of Computing and InformaticsUniversity of Louisiana, LafayetteLafayetteUSA

Personalised recommendations