SlideShare a Scribd company logo

Spring colloquium

Download as PPTX, PDF
M
Manasa Suresh

Route leaks occur when improper network prefixes are advertised and propagated throughout the network leading to packet loss. Having an automated approach to detect and correct route leaks is beneficial. In this research, an Enterprise environment was emulated with Autonomous Systems (AS) running Border Gateway Protocol (BGP) and a server storing telemetry route data. A network design that detects route leak efficiently and blocks the leaked traffic with the Engineer’s approval was implemented by using prefix lists on edge devices. The proposed detection mechanism considers factors like BGP origin AS, timestamp, and network prefix. The Routing Information Base (RIB) data is stored and analyzed in a database from which the developed algorithm fetches the data for route leak detection, and the alerting system notifies the hijacked AS when a route leak is detected. The results of the algorithm developed enables real-time route leak detection, alerts the respective enterprise, and blocks the network within the local enterprise upon user’s approval.

Data & Analytics
1 of 13
Data Analytics For Service Provider Networks Dr. Levi Perigo Academic Advisor Dr. Kevin Gifford Course Instructor Dewang Gedia Academic Advisor Kartik Bhandary Manasa Suresh Rodney Manuel Sandeep Surendher Siddharth Shah Sowmya Sundaram
 Introduction  Levels of Success  Concept of Operation  Implementation  Performance Results  Why our solution?  Future Work  Conclusion Agenda
Introduction Problem Purpose Causes  Improper network prefixes propagated and preferred – Route Leaks  Border Gateway Protocol is not designed with Security in mind  How Route Leaks happen? (1) Route Misconfiguration (2) Prefix Hijacking  Route leaks result in packet drops, congestion and snooping  Reduce the impact of route leak by instantaneous detection and correction
Current Solution Proposed solution  The prefix is identified by the person experiencing the problem  Routing tables are analyzed manually to identify the threat  Time required : 2 to 3 days  Automated method of prefix Hijack detection  Algorithm to detect if it is valid or invalid  If invalid, with user approval, take action  Time required: less than 10 minutes Introduction
Levels of Success Level 1 1. Design a test environment with BGP peering 2. Integrate data with the analytics platform 3. Establish Internal container connectivity Level 2 1. Framework to collect routing information 2. Develop an algorithm for route leak detection 3. Design real-time alerting upon route leak detection Level 3 1. Develop an algorithm to perform self-healing 2. Ensure the algorithm is scalable and reliable 3. Check the compatibility across various platforms
Route View Collector Telemetry Data Collector 1 Collector Pipeline Data Sent For Analyzing 2 Distributed streaming platform Algorithm! Database Storing data Time Analysis 3 Visualization User Interface Check if self healing is needed or not 4 reply 5 Self healing Configs 6 Concept of Operations
Leak detection code output Automated E-mail for alerting the NOC team Web page to specify user’s choice of action Corrective firewall rule Implementation Monitoring Origin AS vs Prefixes
Results Time performance Detect a route leak Average: 3 minutes Confirm if it is a leak with NOC team (manual) 5 minutes Run the correction code to block prefix (n = 4 routers) 1 minute Overall time from detection to correction Less than 10 minutes Performance Results
212 MAINONEChina TelJSC Comp 212 prefixes were added by MAINONE 21:13 UTC22:27 UTC 21:13 UTC Detect Confirm Correct 3 min 5 min 1 min MAINONEJSC Comp China Tel 21:23 UTC Performance Results – Google Route leak Without our application (74 min) With our application (10 min)
Why our solution? Easily deployed over legacy infrastructure Faster detection and correction of route leaks Monitoring of Prefix vs Origin AS vs timestamp to look for abnormalities Automated alerting mechanism Control of verifying a route leak detection before running the correction Leveraging the use of open source platforms Why our solution?
Extended to a large scale network environment Monitoring traffic flows to check for any sudden changes AS-path monitoring to check the exact route taken by traffic Run the correction code globally to affect the remote AS Future Work
Conclusion  Focused on improving one performance metric - latency - which is the time taken from detection to correction  Learnt a great deal about BGP metrics and route leaks and the kind of impact a route leak can have on a global level  Tried to keep the solution as simple as possible
Spring colloquium

Recommended

Complementing static and dynamic analysis approaches for better
Complementing static and dynamic analysis approaches for betterComplementing static and dynamic analysis approaches for better
Complementing static and dynamic analysis approaches for betterHimanshu Pareek
 
example of sql injection
example of sql injectionexample of sql injection
example of sql injectionCARMEN ALCIVAR
 
Dataviz For Cyber Security
Dataviz For Cyber SecurityDataviz For Cyber Security
Dataviz For Cyber SecurityAwalin Sopan
 
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...Akond Rahman
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithmsCARMEN ALCIVAR
 
An internet worm early warning system
An internet worm early warning systemAn internet worm early warning system
An internet worm early warning systemUltraUploader
 
Automation of Security scanning easy or cheese
Automation of Security scanning easy or cheeseAutomation of Security scanning easy or cheese
Automation of Security scanning easy or cheeseKatherine Golovinova
 
Automation of Security scanning easy or cheese?
Automation of Security scanning easy or cheese?Automation of Security scanning easy or cheese?
Automation of Security scanning easy or cheese?Dmitriy Gumeniuk
 

Recommended

Complementing static and dynamic analysis approaches for better
Complementing static and dynamic analysis approaches for betterComplementing static and dynamic analysis approaches for better
Complementing static and dynamic analysis approaches for betterHimanshu Pareek
 
example of sql injection
example of sql injectionexample of sql injection
example of sql injectionCARMEN ALCIVAR
 
Dataviz For Cyber Security
Dataviz For Cyber SecurityDataviz For Cyber Security
Dataviz For Cyber SecurityAwalin Sopan
 
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...
Software Security in DevOps: Synthesizing Practitioners’ Perceptions and Prac...Akond Rahman
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithmsCARMEN ALCIVAR
 
An internet worm early warning system
An internet worm early warning systemAn internet worm early warning system
An internet worm early warning systemUltraUploader
 
Automation of Security scanning easy or cheese
Automation of Security scanning easy or cheeseAutomation of Security scanning easy or cheese
Automation of Security scanning easy or cheeseKatherine Golovinova
 
Automation of Security scanning easy or cheese?
Automation of Security scanning easy or cheese?Automation of Security scanning easy or cheese?
Automation of Security scanning easy or cheese?Dmitriy Gumeniuk
 
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...CODE BLUE
 
50063
5006350063
50063Rui Dong
 
Automating networksecurityassessment
Automating networksecurityassessmentAutomating networksecurityassessment
Automating networksecurityassessmentGlib Pakharenko
 
Penetration testing
Penetration testingPenetration testing
Penetration testingNameen Singh
 
Assessing network security
Assessing network securityAssessing network security
Assessing network securityAbhinit Kumar Sharma
 
Nii sample pt_report
Nii sample pt_reportNii sample pt_report
Nii sample pt_reportChandan Bagai, GWAPT, CEHv8, CCNA
 
Btpsec Sample Penetration Test Report
Btpsec Sample Penetration Test ReportBtpsec Sample Penetration Test Report
Btpsec Sample Penetration Test Reportbtpsec
 
Ecsa Course
Ecsa CourseEcsa Course
Ecsa Coursekeerthana p
 
Outlier+Overview
Outlier+OverviewOutlier+Overview
Outlier+OverviewRami Mardini
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Penetration testing overview
Penetration testing overviewPenetration testing overview
Penetration testing overviewSupriya G
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationChris Gates
 
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET Journal
 
Information Security Incidents Survey in Russia
Information Security Incidents Survey in RussiaInformation Security Incidents Survey in Russia
Information Security Incidents Survey in RussiaPositive Hack Days
 
Network Security Forensics
Network Security ForensicsNetwork Security Forensics
Network Security Forensicsseniorsam
 
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017FRSecure
 
Cst 630 Inspiring Innovation--tutorialrank.com
Cst 630 Inspiring Innovation--tutorialrank.comCst 630 Inspiring Innovation--tutorialrank.com
Cst 630 Inspiring Innovation--tutorialrank.comPrescottLunt385
 
Web PenTest Sample Report
Web PenTest Sample ReportWeb PenTest Sample Report
Web PenTest Sample ReportOctogence
 
Application Diagnosis with Zend Server Tracing
Application Diagnosis with Zend Server TracingApplication Diagnosis with Zend Server Tracing
Application Diagnosis with Zend Server TracingZendCon
 
CS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSCS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSKathirvel Ayyaswamy
 
What is Platform Observability? An Overview
What is Platform Observability? An OverviewWhat is Platform Observability? An Overview
What is Platform Observability? An OverviewKumar Kolaganti
 

More Related Content

What's hot

[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...CODE BLUE
 
Automating networksecurityassessment
Automating networksecurityassessmentAutomating networksecurityassessment
Automating networksecurityassessmentGlib Pakharenko
 
Penetration testing
Penetration testingPenetration testing
Penetration testingNameen Singh
 
Btpsec Sample Penetration Test Report
Btpsec Sample Penetration Test ReportBtpsec Sample Penetration Test Report
Btpsec Sample Penetration Test Reportbtpsec
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Penetration testing overview
Penetration testing overviewPenetration testing overview
Penetration testing overviewSupriya G
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationChris Gates
 
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET Journal
 
Information Security Incidents Survey in Russia
Information Security Incidents Survey in RussiaInformation Security Incidents Survey in Russia
Information Security Incidents Survey in RussiaPositive Hack Days
 
Network Security Forensics
Network Security ForensicsNetwork Security Forensics
Network Security Forensicsseniorsam
 
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017FRSecure
 
Cst 630 Inspiring Innovation--tutorialrank.com
Cst 630 Inspiring Innovation--tutorialrank.comCst 630 Inspiring Innovation--tutorialrank.com
Cst 630 Inspiring Innovation--tutorialrank.comPrescottLunt385
 
Web PenTest Sample Report
Web PenTest Sample ReportWeb PenTest Sample Report
Web PenTest Sample ReportOctogence
 

What's hot (19)

[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
[CB20] Keynote2:Practical and Intelligent Incident Response Planning by Russ ...
 
50063
5006350063
50063
 
Automating networksecurityassessment
Automating networksecurityassessmentAutomating networksecurityassessment
Automating networksecurityassessment
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Assessing network security
Assessing network securityAssessing network security
Assessing network security
 
Nii sample pt_report
Nii sample pt_reportNii sample pt_report
Nii sample pt_report
 
Btpsec Sample Penetration Test Report
Btpsec Sample Penetration Test ReportBtpsec Sample Penetration Test Report
Btpsec Sample Penetration Test Report
 
Ecsa Course
Ecsa CourseEcsa Course
Ecsa Course
 
Outlier+Overview
Outlier+OverviewOutlier+Overview
Outlier+Overview
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Penetration testing overview
Penetration testing overviewPenetration testing overview
Penetration testing overview
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing Presentation
 
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
 
Information Security Incidents Survey in Russia
Information Security Incidents Survey in RussiaInformation Security Incidents Survey in Russia
Information Security Incidents Survey in Russia
 
Network Security Forensics
Network Security ForensicsNetwork Security Forensics
Network Security Forensics
 
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 11 – FRSecure CISSP Mentor Program 2017
 
Cst 630 Inspiring Innovation--tutorialrank.com
Cst 630 Inspiring Innovation--tutorialrank.comCst 630 Inspiring Innovation--tutorialrank.com
Cst 630 Inspiring Innovation--tutorialrank.com
 
Web PenTest Sample Report
Web PenTest Sample ReportWeb PenTest Sample Report
Web PenTest Sample Report
 

Similar to Spring colloquium

Application Diagnosis with Zend Server Tracing
Application Diagnosis with Zend Server TracingApplication Diagnosis with Zend Server Tracing
Application Diagnosis with Zend Server TracingZendCon
 
CS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSCS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSKathirvel Ayyaswamy
 
What is Platform Observability? An Overview
What is Platform Observability? An OverviewWhat is Platform Observability? An Overview
What is Platform Observability? An OverviewKumar Kolaganti
 
Survey Results: Common Problems with Microsoft Teams Call Quality
Survey Results: Common Problems with Microsoft Teams Call QualitySurvey Results: Common Problems with Microsoft Teams Call Quality
Survey Results: Common Problems with Microsoft Teams Call Qualitypanagenda
 
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...rschuppe
 
T3 Consortium's Performance Center of Excellence
T3 Consortium's Performance Center of ExcellenceT3 Consortium's Performance Center of Excellence
T3 Consortium's Performance Center of Excellenceveehikle
 
Novetta Cyber Analytics
Novetta Cyber AnalyticsNovetta Cyber Analytics
Novetta Cyber AnalyticsNovetta
 
Analysis of IT Monitoring Using Open Source Software Techniques: A Review
Analysis of IT Monitoring Using Open Source Software Techniques: A ReviewAnalysis of IT Monitoring Using Open Source Software Techniques: A Review
Analysis of IT Monitoring Using Open Source Software Techniques: A ReviewIJERD Editor
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Free OpManager training_Part 1- Discovery & classification
Free OpManager training_Part 1- Discovery & classificationFree OpManager training_Part 1- Discovery & classification
Free OpManager training_Part 1- Discovery & classificationManageEngine, Zoho Corporation
 
Online Exam Proctoring using Deep Learning
Online Exam Proctoring using Deep LearningOnline Exam Proctoring using Deep Learning
Online Exam Proctoring using Deep LearningIRJET Journal
 
SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...
SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...
SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...Michael Kehoe
 
14.project online eamination system
14.project online eamination system14.project online eamination system
14.project online eamination systemjbpatel7290
 
How to improve your system monitoring
How to improve your system monitoringHow to improve your system monitoring
How to improve your system monitoringAndrew White
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
Drive Faster Quality Insights through Customized Test Automation - Part 2
Drive Faster Quality Insights through Customized Test Automation - Part 2Drive Faster Quality Insights through Customized Test Automation - Part 2
Drive Faster Quality Insights through Customized Test Automation - Part 2Perfecto by Perforce
 
Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud allan sam
 
NSA Capstone Project III final pp
NSA Capstone Project III final ppNSA Capstone Project III final pp
NSA Capstone Project III final ppAlfonso Zamorano
 

Similar to Spring colloquium (20)

Application Diagnosis with Zend Server Tracing
Application Diagnosis with Zend Server TracingApplication Diagnosis with Zend Server Tracing
Application Diagnosis with Zend Server Tracing
 
CS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMSCS9222 ADVANCED OPERATING SYSTEMS
CS9222 ADVANCED OPERATING SYSTEMS
 
What is Platform Observability? An Overview
What is Platform Observability? An OverviewWhat is Platform Observability? An Overview
What is Platform Observability? An Overview
 
Survey Results: Common Problems with Microsoft Teams Call Quality
Survey Results: Common Problems with Microsoft Teams Call QualitySurvey Results: Common Problems with Microsoft Teams Call Quality
Survey Results: Common Problems with Microsoft Teams Call Quality
 
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...
 
T3 Consortium's Performance Center of Excellence
T3 Consortium's Performance Center of ExcellenceT3 Consortium's Performance Center of Excellence
T3 Consortium's Performance Center of Excellence
 
Novetta Cyber Analytics
Novetta Cyber AnalyticsNovetta Cyber Analytics
Novetta Cyber Analytics
 
Analysis of IT Monitoring Using Open Source Software Techniques: A Review
Analysis of IT Monitoring Using Open Source Software Techniques: A ReviewAnalysis of IT Monitoring Using Open Source Software Techniques: A Review
Analysis of IT Monitoring Using Open Source Software Techniques: A Review
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
Free OpManager training_Part 1- Discovery & classification
Free OpManager training_Part 1- Discovery & classificationFree OpManager training_Part 1- Discovery & classification
Free OpManager training_Part 1- Discovery & classification
 
presentation_SB_v01
presentation_SB_v01presentation_SB_v01
presentation_SB_v01
 
Online Exam Proctoring using Deep Learning
Online Exam Proctoring using Deep LearningOnline Exam Proctoring using Deep Learning
Online Exam Proctoring using Deep Learning
 
Prasad_Meduri
Prasad_MeduriPrasad_Meduri
Prasad_Meduri
 
SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...
SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...
SRECon-Europe-2017: Reducing MTTR and False Escalations: Event Correlation at...
 
14.project online eamination system
14.project online eamination system14.project online eamination system
14.project online eamination system
 
How to improve your system monitoring
How to improve your system monitoringHow to improve your system monitoring
How to improve your system monitoring
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
Drive Faster Quality Insights through Customized Test Automation - Part 2
Drive Faster Quality Insights through Customized Test Automation - Part 2Drive Faster Quality Insights through Customized Test Automation - Part 2
Drive Faster Quality Insights through Customized Test Automation - Part 2
 
Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud
 
NSA Capstone Project III final pp
NSA Capstone Project III final ppNSA Capstone Project III final pp
NSA Capstone Project III final pp
 

Recently uploaded

EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptxEMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptxthyngster
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFAAndrei Kaleshka
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...Florian Roscheck
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024thyngster
 
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130Suhani Kapoor
 
Customer Service Analytics - Make Sense of All Your Data.pptx
Customer Service Analytics - Make Sense of All Your Data.pptxCustomer Service Analytics - Make Sense of All Your Data.pptx
Customer Service Analytics - Make Sense of All Your Data.pptxEmmanuel Dauda
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfLars Albertsson
 
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...ThinkInnovation
 
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubaihf8803863
 
PKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptxPKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptxPramod Kumar Srivastava
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfgstagge
 
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Callshivangimorya083
 
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort servicejennyeacort
 
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...Suhani Kapoor
 
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...Pooja Nehwal
 

Recently uploaded (20)

EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptxEMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
EMERCE - 2024 - AMSTERDAM - CROSS-PLATFORM TRACKING WITH GOOGLE ANALYTICS.pptx
 
How we prevented account sharing with MFA
How we prevented account sharing with MFAHow we prevented account sharing with MFA
How we prevented account sharing with MFA
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
 
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
 
Customer Service Analytics - Make Sense of All Your Data.pptx
Customer Service Analytics - Make Sense of All Your Data.pptxCustomer Service Analytics - Make Sense of All Your Data.pptx
Customer Service Analytics - Make Sense of All Your Data.pptx
 
VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...
VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...
VIP Call Girls Service Charbagh { Lucknow Call Girls Service 9548273370 } Boo...
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdf
 
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
Predictive Analysis - Using Insight-informed Data to Determine Factors Drivin...
 
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
 
PKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptxPKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptx
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdf
 
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
꧁❤ Greater Noida Call Girls Delhi ❤꧂ 9711199171 ☎️ Hard And Sexy Vip Call
 
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
 
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
 
E-Commerce Order PredictionShraddha Kamble.pptx
E-Commerce Order PredictionShraddha Kamble.pptxE-Commerce Order PredictionShraddha Kamble.pptx
E-Commerce Order PredictionShraddha Kamble.pptx
 
꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...
꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...
꧁❤ Aerocity Call Girls Service Aerocity Delhi ❤꧂ 9999965857 ☎️ Hard And Sexy ...
 
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
 
Call Girls in Saket 99530🔝 56974 Escort Service
Call Girls in Saket 99530🔝 56974 Escort ServiceCall Girls in Saket 99530🔝 56974 Escort Service
Call Girls in Saket 99530🔝 56974 Escort Service
 

Spring colloquium

  • 1. Data Analytics For Service Provider Networks Dr. Levi Perigo Academic Advisor Dr. Kevin Gifford Course Instructor Dewang Gedia Academic Advisor Kartik Bhandary Manasa Suresh Rodney Manuel Sandeep Surendher Siddharth Shah Sowmya Sundaram
  • 2.  Introduction  Levels of Success  Concept of Operation  Implementation  Performance Results  Why our solution?  Future Work  Conclusion Agenda
  • 3. Introduction Problem Purpose Causes  Improper network prefixes propagated and preferred – Route Leaks  Border Gateway Protocol is not designed with Security in mind  How Route Leaks happen? (1) Route Misconfiguration (2) Prefix Hijacking  Route leaks result in packet drops, congestion and snooping  Reduce the impact of route leak by instantaneous detection and correction
  • 4. Current Solution Proposed solution  The prefix is identified by the person experiencing the problem  Routing tables are analyzed manually to identify the threat  Time required : 2 to 3 days  Automated method of prefix Hijack detection  Algorithm to detect if it is valid or invalid  If invalid, with user approval, take action  Time required: less than 10 minutes Introduction
  • 5. Levels of Success Level 1 1. Design a test environment with BGP peering 2. Integrate data with the analytics platform 3. Establish Internal container connectivity Level 2 1. Framework to collect routing information 2. Develop an algorithm for route leak detection 3. Design real-time alerting upon route leak detection Level 3 1. Develop an algorithm to perform self-healing 2. Ensure the algorithm is scalable and reliable 3. Check the compatibility across various platforms
  • 6. Route View Collector Telemetry Data Collector 1 Collector Pipeline Data Sent For Analyzing 2 Distributed streaming platform Algorithm! Database Storing data Time Analysis 3 Visualization User Interface Check if self healing is needed or not 4 reply 5 Self healing Configs 6 Concept of Operations
  • 7. Leak detection code output Automated E-mail for alerting the NOC team Web page to specify user’s choice of action Corrective firewall rule Implementation Monitoring Origin AS vs Prefixes
  • 8. Results Time performance Detect a route leak Average: 3 minutes Confirm if it is a leak with NOC team (manual) 5 minutes Run the correction code to block prefix (n = 4 routers) 1 minute Overall time from detection to correction Less than 10 minutes Performance Results
  • 9. 212 MAINONEChina TelJSC Comp 212 prefixes were added by MAINONE 21:13 UTC22:27 UTC 21:13 UTC Detect Confirm Correct 3 min 5 min 1 min MAINONEJSC Comp China Tel 21:23 UTC Performance Results – Google Route leak Without our application (74 min) With our application (10 min)
  • 10. Why our solution? Easily deployed over legacy infrastructure Faster detection and correction of route leaks Monitoring of Prefix vs Origin AS vs timestamp to look for abnormalities Automated alerting mechanism Control of verifying a route leak detection before running the correction Leveraging the use of open source platforms Why our solution?
  • 11. Extended to a large scale network environment Monitoring traffic flows to check for any sudden changes AS-path monitoring to check the exact route taken by traffic Run the correction code globally to affect the remote AS Future Work
  • 12. Conclusion  Focused on improving one performance metric - latency - which is the time taken from detection to correction  Learnt a great deal about BGP metrics and route leaks and the kind of impact a route leak can have on a global level  Tried to keep the solution as simple as possible