DOCSLIB.ORG

IODA - Internet Outages: Detection & Analysis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
IODA - Internet Outages: Detection & Analysis IODA - Internet Outages: Detection & Analysis Alberto Dainotti [email protected] www.caida.org Center for Applied Internet Data Analysis University of California, San Diego CAIDA intro The Center for Applied Internet Data Analysis (CAIDA) is an independent analysis and research group based at the University of California's San Diego Supercomputer Center. CAIDA investigates both practical and theoretical aspects of the Internet. Center for Applied Internet Data Analysis http://www.caida.org/home/about/ University of California San Diego 2 www.caida.org CAIDA research highlights • topology analysis • modeling complex networks • Internet-scale router alias resolution • using hidden metric spaces • comparing IPv6 & IPv4 topology • Internet topology data sharing • geolocation analysis • comparing geolocation services • security & stability • IP reputation vs. governance • large-scale Internet outages • botnet activity • future Internet • BGP hijacks • IPv6 • Named Data Networking • Internet peering analysis • inferring AS relationships • visualization • AS ranking • interconnection economics • modeling peering strategies • transit pricing Center for Applied Internet Data Analysis http://www.caida.org/publications/ University of California San Diego 3 www.caida.org CHRONOLOGY CAIDA and Internet Outages •Jan/Feb 2011 - Internet Kill Switch in Egypt and Libya •Nov 2011 - We present a novel approach to study Internet Outages by combining different types of Internet measurements •Jan 2012 - We present a study on the impact of natural disasters on the network infrastructure •Sep 2012 - NSF funds CAIDA to further develop our methodology and build an experimental operational deployment to monitor the public IPv4 Internet (IODA) •2012 - 2015 — more science and a lot of engineering •Today a prototype that starts to be quite usable Center for Applied Internet Data Analysis University of California San Diego 4 www.caida.org BEFORE IODA post-event manual analysis •Country-level Internet Blackouts Egypt, Jan 2011 during the Arab Spring Government orders to shut down the Dainotti et al. “Analysis of Country-wide Internet Internet Outages Caused by Censorship” ACM SIGCOMM IMC 2011 •Natural disasters affecting the infrastructure climbs slowly, reaching pre-event levels only after a week, which correlates with the restoration of power in the Christchurch area [?]. Japan, Mar 2011 Dainotti et al. “Extracting Benefit from Earthquake 180 of Magnitude 9.0 EARTHQUAKE Harm: Using Malware Pollution to Analyze 160 the Impact of Political and Geophysical EPICENTER Events on the Internet” 140 ACM SIGCOMM CCR 2012 120 100 Center for Applied Internet Data Analysis University of California San Diego(a) Christchurch (b) Tohoku 80 5 www.caida.org 60 Figure 5: Networks selected within the estimated maximum radius of im- pact of the earthquake (20km for Christchurch and 304km for Tohoku). We Number of distinct IPs per hour 40 based our geolocation on the publicly available MaxMind GeoLite Country 20 database. 0 02-18 00:00 02-20 00:00 02-22 00:00 02-24 00:00 02-26 00:00 02-28 00:00 03-02 00:00 03-04 00:00 4 (x=137,y=3.59) 3.5 (x=6,y=2.0) 3 Figure 7: Rate of unique source IP addresses found in unsolicited traffic 2.5 reaching the UCSD network telescope from networks geolocated within a 2 ⇢max =20km range from the Christchurch earthquake epicenter. The 1.5 rate of distinct IPs per hour drops immediately after the earthquake. Peaks before the earthquake were above 140-160 IPs/hour on weekdays (weekend 1 is on 19-20 February), while the first peak after the earthquake is slightly 0.5 above 100 IPs/hour. Levels remain lower for several days, consistent with - Ratio of distinct IPs before/after earthquake the slow restoration of power in the area. θ 0 0 20 40 60 80 100 120 140 160 180 200 220 240 260 280 300 320 340 360 380 400 420 440 460 480 500 Km Figure ?? plots the same graph for IBR traffic associated with the Christchurch Tohoku Tohoku earthquake, within a maximum distance ρmax =304km from the epicenter. The much steeper drop in the number of unique Figure 6: Measuring the impact of the earthquake on network connectivity as seen by the telescope: value of ✓ for all networks within a given range IPs per hour sending IBR traffic is consistent with the Tohoku earth- from the epicenter. The peak value ✓max reached by ✓ can be considered quake’s much larger magnitude than that of the Christchurch earth- the magnitude of the impact. quake. In the days after the event the IBR traffic starts to pick up again, but does not reach the levels from before the event during the analyzed time interval, also consistent with the dramatic and kilometers from its epicenter, consistent with the stronger magni- lasting impact of the Tohoku earthquake on Northern Japan. tude of Tohoku’s earthquake (see Table ??) and news reports re- garding its impact on buildings and power infrastructure. Table ?? 800 summarizes these indicators found for both earthquakes. 700 EARTHQUAKE Christchurch Tohoku 600 Magnitude (✓max) 2 at 6km 3.59 at 137km Radius (⇢max) 20km 304km 500 Table 3: Indicators of earthquakes’ impact on network connectivity as ob- 400 served by the UCSD network telescope. 300 Number of distinct IPs per hour 200 IBR traffic also reveals insight into the evolution of the earth- quake’s impact on network connectivity. Figure ?? plots the num- 100 ber of distinct source IPs per hour of packets reaching the telescope 03-04 00:00 03-06 00:00 03-08 00:00 03-10 00:00 03-12 00:00 03-14 00:00 03-16 00:00 03-18 00:00 03-20 00:00 03-22 00:00 from networks within the ρmax =20km radius from the epicenter of Christchurch’s earthquake. All times are in UTC. The time range starts approximately one week before the earthquake and ends two weeks after. We would not expect the IBR traffic to drop to zero, Figure 8: Rate of unique source IP addresses found in unsolicited traffic reaching the UCSD network telescope from networks geolocated within for two reasons. First, not all networks are necessarily disabled by ⇢max =304km of the Tohoku earthquake epicenter. The rate of distinct the earthquake. Second, the geolocation database services we use IPs per hour shows a considerable drop after the earthquake which does not are not 100% accurate. return to previous levels even after several days. For a few days before the event, peaks are always above 140 unique IP addresses per hour (IPs/hour) on weekdays, sometimes Figures ?? and ?? show that the rate of unique IP addresses per above 160 IPs/hour. In the 24 hours after the earthquake, the rate hour observed by the telescope matches the dynamics of the earth- drops, with a peak slightly above 100 IPs/hour. The IPs/hour rate quakes, reflecting their impact on network connectivity. In order to BEFORE IODA post-event manual analysis Egypt, Jan 2011 Government orders to shut down the Internet 4 months of work Center for Applied Internet Data Analysis University of California San Diego 6 www.caida.org IODA TODAY live Internet monitoring Last Christmas we made it possible for anybody to follow the North Korean disconnection almost live Center for Applied Internet Data Analysis University of California San Diego https://charthouse.caida.org/public/kp-outage 7 www.caida.org IODA TODAY let’s see how Internet providers are doing in the US EVERYTHING LOOKS FINE… Center for Applied Internet Data Analysis University of California San Diego 8 www.caida.org IODA TODAY Same type of graphs at the end of August 2014 TWO INDICATORS SHOW SOMETHING WENT WRONG WITH TIME WARNER Center for Applied Internet Data Analysis University of California San Diego 9 www.caida.org IODA the system at a glance BGP BGP TREAM PER-REGION PER-AS … VISIBILITY VISIBILITY BGPWATCHER FULLPFXS PEERTABLES BGPREADER BGPCORSARO BGPSTREAM LIBRARY BGPDUMP BGPARCHIVE BGPDOWNLOADER l CHARTH USE i Charthouse b Charthouse Frontend T Backend i Corsaro m IBR .cor .pcap tools cor2ascii cor-agg corsaro [your name here] e libcorsaro intervals I/O logging .log S ace r libt initialize process packet interval start interval end finalize e Whisper plugins Flow-Tuple DoS [yours!] .ft.cor .dos.cor [.you.cor] r i e Graphite s Active Probing data processing Detection & Inference pfx-to-AS libiPmeta Geo-location Center for Applied Internet Data Analysis University of California San Diego http://www.caida.org/funding/ioda/ 10 www.caida.org IODA Internet Outages: Detection & Analysis •multiple types of sources and methodologies ... - Routing Plane [BGP] BGP - Data Plane - Active probing [pinging + traceroutes] IBR ACTIVE - Passive [IBR] PROBING - easy to plug new sources •meta-data to extract liveness signals for various aggregations (countries, counties, cities, /24 address blocks, prefixes, ASNs) •combining signals to detect & monitor •trigger ad hoc active measurements when an event is detected •visual interface for analysis and dashboards Center for Applied Internet Data Analysis University of California San Diego http://www.caida.org/funding/ioda/ 11 www.caida.org BGP BGP Border Gateway Protocol •BGP - The protocol that establishes routes between ISP networks (autonomous systems) all over the world •Autonomous Systems (AS) - “a set of routers under a single technical administration, using an interior gateway protocol and common metrics to determine how to route packets within the AS, and using an inter-AS routing protocol to determine how to route packets to other ASs.” - RFC 4271 •Network Prefixes - Smaller networks are identified by a network address and a network mask - e.g. prefix 192.172.0.0/16 is assigned to AS99 and is reachable by AS67 through the AS path: AS67➔AS44➔AS15➔AS99 ➔ 192.172.0.0/16 - AS paths are computed by exchanging BGP update messages: “Hey, I’m AS44 and can reach 192.172.0.0/16 through AS15➔AS99” Center for Applied Internet Data Analysis University of California San Diego 12 www.caida.org BGP DATA COLLECTION Route Collectors and Route Monitors BGP •BGP measurement projects establish peering sessions with ASes to receive their routing tables (no exchange of other traffic) Figure 2: BGP Update Stream (sil: silence period; rec: session •RouteViews (Univ.
Load more

Recommended publications
  • The Right to Development and Internet Shutdowns
    D Mburu Nyokabi, N Diallo, NW Ntesang, TK White & T Ilori ‘The right to development and internet shutdowns: Assessing the role of information and communications technology in democratic development in Africa’ (2019) 3 Global Campus Human Rights Journal 147-172 https://doi.org/20.500.11825/1582 The right to development and internet shutdowns: Assessing the role of information and communications technology in democratic development in Africa Deborah Mburu Nyokabi,* Naa Diallo,* Nozizwe W Ntesang,*** Thomas Kagiso White**** and Tomiwa Ilori***** Abstract: The right to development is generally assessed as an all-inclusive right. It is regarded as a rallying right in which all other rights are mostly realised. The progressive nature of the right to development in realising other rights as a benchmark to a society’s development has become popular even beyond legal jurisprudence to include other qualitative fields of knowledge. The role played by information and communications technology in the realisation of this right has also been acknowledged, particularly in the digital age. However, this progress has not been even across regions in the world. While some regions have experienced a fast-paced development due to ICT, several countries in Africa have been held back due to unfavourable state and non-state policies that have had negative impacts on human rights and democratic development on the continent. This article assesses the impact of ICT on the right to development, particularly as a rallying right, and the way in which the internet, a major component of ICT, has affected the right. The article especially considers the effects of network disruptions on human rights and democratic development that have become rife in the region.
    [Show full text]
  • The Collision of Social Media and Social Unrest: Why Shutting Down Social Media Is the Wrong Response, 11 Nw
    Northwestern Journal of Technology and Intellectual Property Volume 11 | Issue 7 Article 7 Fall 2013 The olC lision of Social Media and Social Unrest: Why Shutting Down Social Media is the Wrong Response Mirae Yang Recommended Citation Mirae Yang, The Collision of Social Media and Social Unrest: Why Shutting Down Social Media is the Wrong Response, 11 Nw. J. Tech. & Intell. Prop. 707 (2013). https://scholarlycommons.law.northwestern.edu/njtip/vol11/iss7/7 This Comment is brought to you for free and open access by Northwestern Pritzker School of Law Scholarly Commons. It has been accepted for inclusion in Northwestern Journal of Technology and Intellectual Property by an authorized editor of Northwestern Pritzker School of Law Scholarly Commons. NORTHWESTERN JOURNAL OF TECHNOLOGY AND INTELLECTUAL PROPERTY The Collision of Social Media and Social Unrest: Why Shutting Down Social Media is the Wrong Response Mirae Yang September 2013 VOL. 11, NO. 7 © 2013 by Northwestern University School of Law Northwestern Journal of Technology and Intellectual Property Copyright 2013 by Northwestern University School of Law Volume 11, Number 7 (September 2013) Northwestern Journal of Technology and Intellectual Property The Collision of Social Media and Social Unrest: Why Shutting Down Social Media is the Wrong Response By Mirae Yang∗ I. INTRODUCTION .............................................................................................. 708 II. THE RECENT HISTORY OF SOCIAL MEDIA'S EFFECT ON SOCIAL UPRISINGS ACROSS THE WORLD AND THE GOVERNMENT’S SUBSEQUENT
    [Show full text]
  • Does the Communications Act of 1934 Contain a Hidden Internet Kill Switch?
    FEDERAL COMMUNICATIONS LAW JOURNAL VOLUME 65 I SSUE 1 J ANUARY 2013 D OES THE COMMUNICATIONS ACT OF 1934 CONTAIN A H IDDEN INTERNET KILL SWITCH? David W. Opderbeck FEDERAL COMMUNICATIONS LAW JOURNAL VOLUME 65 ISSUE 1 JANUARY 2013 Editor-in-Chief DENNIS HOLMES Senior Managing Editor Senior Production Editor JONATHAN MCCORMACK JESSICA KRUPKE Senior Articles Editor Senior Notes Editor AVONNE BELL JOHN COX Articles Editors Managing Editors Notes Editors RHONDA ADATO N. JAY MALIK ALLARD CHU ROBERT HOPKINS KATHERINE MANTHEI BETSY GOODALL ROBERT VORHEES EMILY SILVEIRO-ALLEN JOSHUA KRESH CHARLES POLLACK Journal Staff KEENAN ADAMCHAK BEN ANDRES JAMES CHAPMAN ANDREW ERBER ADETOKUNBO FALADE DAVID HATEF MATHEW HATFIELD ADAM HOTTELL DARREL JOHN JIMENEZ EVIN LUONGO JAMI MEVORAH MILENA MIKAILOVA MELISSA MILCHMAN CLAYTON PREECE SEETA REBBAPRAGADA MEREDITH SHELL MICHAEL SHERLING MARY SHIELDS TOM STRUBLE HOLLY TROGDON MARGOT VANRIEL CARLA VOIGT BRANDON WHEATLEY MICHAEL WILLIAMS JARUCHAT SIRICHOKCHATCHAWAN Faculty Advisors PROFESSOR JEROME BARRON PROFESSOR KAREN THORNTON PROFESSOR DAWN NUNZIATO Adjunct Faculty Advisors MATTHEW GERST ETHAN LUCARELLI NATALIE ROISMAN RYAN WALLACH Published by the GEORGE WASHINGTON UNIVERSITY LAW SCHOOL and the FEDERAL COMMUNICATIONS BAR ASSOCIATION Does the Communications Act of 1934 Contain a Hidden Internet Kill Switch? David W. Opderbeck* TABLE OF CONTENTS I.! INTRODUCTION .................................................................................... 3! II.! THE WAR AND EMERGENCY POWERS IN SECTION 606 OF THE COMMUNICATIONS
    [Show full text]
  • The Myths and Realities of the Internet Kill Switch
    Science and Technology Law Review Volume 15 Number 2 Article 8 2012 Killing the Internet to Keep America Alive: The Myths and Realities of the Internet Kill Switch Scott M. Ruggiero Follow this and additional works at: https://scholar.smu.edu/scitech Recommended Citation Scott M. Ruggiero, Killing the Internet to Keep America Alive: The Myths and Realities of the Internet Kill Switch, 15 SMU SCI. & TECH. L. REV. 241 (2012) https://scholar.smu.edu/scitech/vol15/iss2/8 This Comment is brought to you for free and open access by the Law Journals at SMU Scholar. It has been accepted for inclusion in Science and Technology Law Review by an authorized administrator of SMU Scholar. For more information, please visit http://digitalrepository.smu.edu. Killing the Internet to Keep America Alive: The Myths and Realities of the Internet Kill Switch Scott M. Ruggiero* "Congress is debating a kill switch that would allow President Obama to freeze all activity on the Internet if there was a national emergency. The kill switch goes by the top-secret name 'Microsoft Windows."' -Conan 0' Brienl I. INTRODUCTION Does the President have the power to shut down the Internet in America? While much debate has centered on a proposed Senate bill that would have given the President an Internet "kill switch," 2 most Americans would be surprised to discover that the President has had this power for nearly seventy years-decades predating the creation of the Internet. This hot-button issue has resulted in the search of the phrase "Internet kill switch" over 539,000 times on Google.3 This paper will discuss the legality and constitutional implications of the "kill switch." Part I will discuss the history and background of the "kill switch." The first section of Part I discusses the law currently in effect.
    [Show full text]
  • Cybersecurity and the Internet Kill Switch Debate*
    Not Like an Egyptian: Cybersecurity and the Internet * Kill Switch Debate “If you spend more on coffee than on IT security, then you will be hacked. What’s more, you deserve to be hacked.”1 I. Introduction On January 28, 2011, Egypt vanished—not literally, but digitally. Following massive demonstrations against Egyptian President Hosni Mubarak’s regime,2 the Egyptian government shut off Internet access across the country, a move “unprecedented in Internet history.”3 With access to social-networking sites cut off, even more citizens stormed the streets of Cairo, adding Internet connectivity to their list of political demands and transforming Tahrir Square into a “street Twitter.”4 Though the logistics of Egypt’s “Internet kill switch” remain foggy,5 the event has set the stage for a serious debate about cybersecurity issues within the United States, including whether or not the United States government should be given access to a kill switch of its own.6 A series of high-profile 7 Internet attacks in the last two years underscores the severity of the problem. * Thank you to my friends—the members of the Texas Law Review—for their help preparing this Note for publication. Thanks also to Andrew C. Payne for the initial inspiration that evolved into this piece. Any errors remain my own. 1. Robert Lemos, Security Czar: Button Up or Get Hacked, CNET NEWS (Feb. 19, 2002), http://news.cnet.com/2100-1001-840335.html (quoting Richard Clarke, Special Adviser on Cybersecurity to President George W. Bush). 2. See generally Kareem Fahim & Mona El-Naggar, Violent Clashes Mark Protests Against Mubarak’s Rule, N.Y.
    [Show full text]
  • On Cyberwarfare
    DCAF HORIZON 2015 WORKING PAPER No. 7 On Cyberwarfare Fred Schreier DCAF HORIZON 2015 WORKING PAPER No. 7 On Cyberwarfare Fred Schreier Table of Contents On Cyberwarfare 7 1. The Basic Building Blocks: Cyberspace, Cyberpower, Cyberwarfare, and Cyberstrategy 10 2. The Difference between Information Warfare and Cyberwarfare 19 3. Understanding the Threats in Cyberspace 31 4. Cyber Vulnerabilities and how Cyber Attacks are Enabled 48 5. Major Issues, Ambiguities, and Problems of Cyberwar 68 Annex 1: In which Ways is Cyberwar different from the other Warfighting Domains? 93 Annex 2: Summary of major Incidents of Cyber Conflict 107 Glossary 116 Select Bibliography 121 DCAF HORIZON 2015 WORKING PAPER 5 6 DCAF HORIZON 2015 WORKING PAPER On Cyberwarfare The digital world has brought about a new type of clear and present danger: cyberwar. Since information technology and the internet have developed to such an extent that they have become a major element of national power, cyberwar has become the drumbeat of the day as nation-states are arming themselves for the cyber battlespace. Many states are not only conducting cyber espionage, cyber reconnaissance and probing missions; they are creating offensive cyberwar capabilities, developing national strategies, and engaging in cyber attacks with alarming frequency. Increasingly, there are reports of cyber attacks and network infiltrations that can be linked to nation-states and political goals. What is blatantly apparent is that more financial and intellectual capital is being spent figuring out how to conduct cyberwarfare than for endeavors aiming at how to prevent it.1 In fact, there is a stunning lack of international dialogue and activity with respect to the containment of cyberwar.
    [Show full text]
  • The Internet Kill Switch: Risks and Aims of Government- Imposed Internet Shutdowns
    Risk Report the Internet Kill Switch: Risks and Aims of Government- Imposed Internet Shutdowns www.globalriskintel.com The internet kill switch: Risks and aims of government-imposed internet shutdowns Disclaimer: The views expressed in this document are the sole responsibility of the author(s) and do not necessarily reflect the views of Global Risk Intelligence. This document is issued with the understanding that if any extract is used, that both the author(s) and Global Risk Intelligence shall be credited, preferably with the date of the publication. Copyright © Global Risk Intelligence. All Rights Reserved. www.globalriskintel.com 2 | Page Public Release The internet kill switch: Risks and aims of government-imposed internet shutdowns THE INTERNET KILL SWITCH Risks and Aims of Government-Imposed Internet Shutdowns risk Report Global Risk Intelligence September 4, 2019 Washington, D.C. · London · Dubai · Singapore www.globalriskintel.com 3 | Page Public Release The internet kill switch: Risks and aims of government-imposed internet shutdowns Author Yasemin Zeisl is a Risk Analyst at Global Risk Intelligence. She earned her MSc in International Relations and Affairs from the London School of Economics and Political Science (LSE). She is currently based in Austria. 4 | Page Public Release The internet kill switch: Risks and aims of government-imposed internet shutdowns List of Abbreviations: AFRINIC African Network Information Centre CIPESA Collaboration on International ICT Policy in East and Southern Africa IMF International Monetary Fund ISP Internet Service Provider ITU International Telecommunication Union UNHRC United Nations Human Rights Council Bolts: Operational, Financial, Compliance. Tags: Africa, Asia, Europe, Middle East, Cameroon, Chad, India, Spain, Sudan, Turkey, Zimbabwe, Cybersecurity, Government Control, Internet, Internet Service Providers, Internet Blackout, Internet Shutdown, National Security, Public Safety, Social Media, Media, United Nations.
    [Show full text]
  • Framing Victimhood for Political Gain
    International Journal of Communication 7 (2013), 1074–1092 1932–8036/20130005 The Two Internet Freedoms: Framing Victimhood for Political Gain BENJAMIN W. CRAMER The Pennsylvania State University This article, via framing analysis and textual analysis, examines the rhetoric of U.S. officials and political commentators toward Internet usage in other countries versus Internet policy in the United States. The article will argue that Internet freedom has been defined differently based on who frames the discussion, and what the strategic and political implications might be. This in turn leads to different perceptions of who the victims are when Internet access is threatened. Introduction This article argues that the U.S. political establishment has two vastly different definitions of Internet freedom that lead to contradictory policies in which Third World protesters receive more support for their Internet access than do U.S. citizens. In countries where the United States has strategic interests in regime change, Internet freedom has been equated with the fight for political liberty, because free citizens’ Internet usage should face no restrictions from any party. However, this frame has not been extended toward Internet policy in the United States, where access providers have claimed the freedom to operate networks without government oversight, perhaps to the point of discrimination against particular users or websites. This article analyzes U.S. policy toward Internet usage at home and abroad, reviewing the texts of an exemplary selection of official governmental statements, political commentary, and news reports about both for trends in framing and rhetoric. The article will argue that from a geopolitical standpoint, Internet freedom has been defined differently based on who frames the discussion and what the strategic and political implications might be.
    [Show full text]
  • The Growth of Global Internet Censorship and Circumvention: a Survey
    Communications of the IIMA Volume 11 Issue 2 Article 6 2011 The Growth of Global Internet Censorship and Circumvention: A Survey Ramesh Subramanian Quinnipiac University Follow this and additional works at: https://scholarworks.lib.csusb.edu/ciima Recommended Citation Subramanian, Ramesh (2011) "The Growth of Global Internet Censorship and Circumvention: A Survey," Communications of the IIMA: Vol. 11 : Iss. 2 , Article 6. Available at: https://scholarworks.lib.csusb.edu/ciima/vol11/iss2/6 This Article is brought to you for free and open access by CSUSB ScholarWorks. It has been accepted for inclusion in Communications of the IIMA by an authorized editor of CSUSB ScholarWorks. For more information, please contact [email protected]. The Growth of Global Internet Censorship and Circumvention: A Survey Subramanian The Growth of Global Internet Censorship and Circumvention: A Survey Ramesh Subramanian Quinnipiac University, USA [email protected] ABSTRACT The Internet has, within a period of twenty years, become the primary medium of information exchange in the world. It is also arguably the primary source of information in the world. Search engines such as Google and Yahoo have made the vast trove of information available and accessible to everybody. Email and social network applications such as Facebook and Twitter have enabled people all over the world to meet, collaborate and participate in joint activities. The Internet has also gradually become a tool of dissidence in repressed nations all over the world - to spread information, plan and organize activists and conduct protests. Not surprisingly, repressive regimes see the Internet as a threat. Under the guise of protecting their citizens from the negative effects of the Internet (such as pornography and hate speech), they have, and are, actively curbed Internet use by their citizens by adopting various censorship measures and blockades.
    [Show full text]
  • Analysis of Country-Wide Internet Outages Caused by Censorship
    This is the author's version of an article that has been published in this journal. Changes were made to this version by the publisher prior to publication. The final version of record is available at http://dx.doi.org/10.1109/TNET.2013.2291244 1 Analysis of Country-wide Internet Outages Caused by Censorship Alberto Dainotti1, Claudio Squarcella2, Emile Aben3, Kimberly C. Claffy1, Marco Chiesa2, Michele Russo4, and Antonio Pescape´4 1CAIDA, University of California San Diego, La Jolla, CA USA 2Roma Tre University, Italy 3RIPE NCC, The Netherlands 4Dipartimento di Ingegneria Elettrica e delle Tecnologie dell’Informazione, Universita´ degli Studi di Napoli Federico II, Italy In the first months of 2011, Internet communications were ordered a complete Internet shutdown amidst popular anti- disrupted in several North African countries in response to government protests calling for the resignation of Egyptian civilian protests and threats of civil war. In this paper we analyze President Hosni Mubarak. The order followed reports on the episodes of these disruptions in two countries: Egypt and Libya. Our analysis relies on multiple sources of large-scale data already previous day (25 January) of blocked access to Twitter [31], available to academic researchers: BGP interdomain routing although an Egyptian government official denied blocking any control plane data; unsolicited data plane traffic to unassigned social media web sites [60]. In addition to mainstream media address space; active macroscopic traceroute measurements; RIR reporting of traffic disruption [61], several commercial Internet delegation files; and MaxMind’s geolocation database. We used measurement companies posted technical data analyses on the latter two data sets to determine which IP address ranges were allocated to entities within each country, and then mapped their blogs [20], [41], [62].
    [Show full text]
  • Analysis of Country-Wide Internet Outages Caused by Censorship
    Analysis of Country-wide Internet Outages Caused by Censorship Alberto Dainotti Claudio Squarcella Emile Aben University of Napoli Federico II Roma Tre University RIPE NCC [email protected] [email protected] [email protected] Kimberly C. Claffy Marco Chiesa CAIDA/UCSD Roma Tre University [email protected] [email protected] Michele Russo Antonio Pescapé University of Napoli Federico II University of Napoli Federico II [email protected] [email protected] ABSTRACT Keywords In the first months of 2011, Internet communications were dis- Outages, Connectivity Disruption, Censorship, Darknet, Network rupted in several North African countries in response to civilian Telescope, Internet Background Radiation protests and threats of civil war. In this paper we analyze episodes of these disruptions in two countries: Egypt and Libya. Our analy- sis relies on multiple sources of large-scale data already available 1. INTRODUCTION to academic researchers: BGP interdomain routing control plane On the evening of January 27, 2011 Egypt—a population of 80 data; unsolicited data plane traffic to unassigned address space; ac- million, including 23 million Internet users [41]—vanished from tive macroscopic traceroute measurements; RIR delegation files; the Internet. The Egyptian government ordered a complete Internet and MaxMind’s geolocation database. We used the latter two data shutdown amidst popular anti-government protests calling for the sets to determine which IP address ranges were allocated to entities resignation of Egyptian President Hosni Mubarak. The order fol- within each country, and then mapped these IP addresses of inter- lowed reports on the previous day (25 January) of blocked access est to BGP-announced address ranges (prefixes) and origin ASes to Twitter [24], although an Egyptian government official denied using publicly available BGP data repositories in the U.S.
    [Show full text]
  • Internet Kill Switch’
    Syracuse University SURFACE Dissertations - ALL SURFACE May 2019 ADDRESSING THE ULTIMATE FORM OF CYBERSECURITY CONTROL, A MULTIPLE CASE STUDY FOR THE ‘INTERNET KILL SWITCH’ Patricia Adriana Vargas Leon Syracuse University Follow this and additional works at: https://surface.syr.edu/etd Part of the Social and Behavioral Sciences Commons Recommended Citation Vargas Leon, Patricia Adriana, "ADDRESSING THE ULTIMATE FORM OF CYBERSECURITY CONTROL, A MULTIPLE CASE STUDY FOR THE ‘INTERNET KILL SWITCH’" (2019). Dissertations - ALL. 1014. https://surface.syr.edu/etd/1014 This Dissertation is brought to you for free and open access by the SURFACE at SURFACE. It has been accepted for inclusion in Dissertations - ALL by an authorized administrator of SURFACE. For more information, please contact [email protected]. i Abstract The Internet has proved its capacity to defy the nation-states’ traditional borders. Facing this circumstance, governments became eager to control its infrastructure, as they did in the past with other forms of communication and they have attempted to shut down the Internet in several occasions. Academics and non-governmental organizations have focused their attention on authoritarian regimes because of the impact of Internet shutdowns on human rights. However, this extreme action of government control has also been part of the debate in non-authoritarian regimes. Thus, this dissertation contributes to the academic debate by analyzing democratic and hybrid regimes, their political discourse and concrete actions to shut down the Internet or to consider doing it. This process starts by questioning the traditional belief that democratic governments, self- defenders of the freedom as a human right, would not consider shutting down the Internet.
    [Show full text]