Since their deployment, BGP route collectors have played a fundamental role in investigating and detecting routing accidents and hijack attempts. However, an increasing number of detection techniques designed for real-time environments show that the lack of interactivity of route collectors represents a limitation to their efficacy, together with the small amount of sources from which data is collected. Both issues stem from the current implementation of route collectors, which relies on single-threaded and general-purpose routing suites to establish BGP sessions and collect data. With this implementation any interactive operation impacts on the collection process and the number of sessions that can be established is limited by memory usage, which is not optimized for route collecting purposes. In this paper we present ICE, a multi-threaded and memory-efficient BGP collecting engine which allows route collectors to overcome the above mentioned limitations. The multi-threaded environment allows us to solve the lack of interactiveness, allowing concurrent read/write operations. Memory efficiency has been obtained thanks to the design of a variant of the Liv-Zempel compression algorithms specifically tailored to operate within a BGP real-time collecting environment. The proposed technique exploits the high degree of repetitiveness characterizing BGP data and reduces the ICE memory usage by as much as 30%.

ICE: A memory-efficient BGP route collecting engine

Gregori E;Guidi B;Improta A;Sani L
2017

Abstract

Since their deployment, BGP route collectors have played a fundamental role in investigating and detecting routing accidents and hijack attempts. However, an increasing number of detection techniques designed for real-time environments show that the lack of interactivity of route collectors represents a limitation to their efficacy, together with the small amount of sources from which data is collected. Both issues stem from the current implementation of route collectors, which relies on single-threaded and general-purpose routing suites to establish BGP sessions and collect data. With this implementation any interactive operation impacts on the collection process and the number of sessions that can be established is limited by memory usage, which is not optimized for route collecting purposes. In this paper we present ICE, a multi-threaded and memory-efficient BGP collecting engine which allows route collectors to overcome the above mentioned limitations. The multi-threaded environment allows us to solve the lack of interactiveness, allowing concurrent read/write operations. Memory efficiency has been obtained thanks to the design of a variant of the Liv-Zempel compression algorithms specifically tailored to operate within a BGP real-time collecting environment. The proposed technique exploits the high degree of repetitiveness characterizing BGP data and reduces the ICE memory usage by as much as 30%.
2017
Istituto di informatica e telematica - IIT
BGP
Data compression
Internet
Route collectors
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14243/376630
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact