
PHILOS: Real-time Detection and Automated Mitigation of BGP Prefix Hijacking Attacks


Software defends networks against outages and cyberattacks

New software has been developed to identify and mitigate internet outages and cyberattacks in seconds. This could save millions of euro every year in repairs and lost business and deliver a more reliable service to internet users.

The internet, with its unprecedented success and global scale as a network of networks, depends heavily on a few fundamental technologies. One of these technologies is the Border Gateway Protocol (BGP). “BGP is the glue that holds the internet together,” explains PHILOS project coordinator Xenofontas Dimitropoulos, researcher at the Foundation for Research & Technology – Hellas, Greece. “It is a critically important networking protocol, which is used by internet service providers (ISPs) to exchange information about the paths that will be used to send traffic to different destinations.”

Although this protocol was designed some three decades ago, it does not by default authorise and validate the information exchanged between ISPs for establishing end-to-end paths. What this means in practice is that an ISP can intentionally, or more commonly by accident, send incorrect paths to a neighbour, misleading them to select a wrong route for sending traffic. “This can lead to internet outages,” says Dimitropoulos. “It can even open the door to sophisticated cyberattacks involving eavesdropping on or manipulating internet traffic.”

Cyberattacks can be devastating. Offenders can impersonate victim networks, steal sensitive information, or stealthily intercept and manipulate traffic destined to legitimate destinations. Such incidents often make the headlines as they can cause major havoc.

Protecting networks

One reason why this weakness has proven so hard to overcome is that there are literally tens of thousands of ISPs dotted around the world. New BGP security add-ons need to be deployed by most ISPs before they start becoming effective. “Even then, BGP is still vulnerable to several attacks, which means ISPs have little incentive to deploy BGP security add-ons,” adds Dimitropoulos. “Global deployment then progresses very slowly.”

The PHILOS project, supported by the European Research Council, sought to address the weaknesses inherent in BGP by pursuing a different strategy. The team set out to develop and test novel proof of concept software capable of detecting and mitigating incidents such as major outages within a few seconds. “We developed software called ARTEMIS, and tested this with a handful of real-world ISPs in Greece and the United States,” notes Dimitropoulos. “This involved us working very closely with the ISP network operators. It was critical that they were willing to try this state-of-the-art approach to protect their network.”

What makes the PHILOS approach different, remarks Dimitropoulos, is that the software delivers real-time detection and automated mitigation using novel algorithms and technologies. This reduces the duration of detection and mitigation from hours and days, down to a few seconds.

Bright business idea

The potential benefits for ISPs are clear. Network outages cost millions of euro, disrupt business and leave consumers deeply dissatisfied with their service. This taps into the second key objective of the PHILOS project, which was to investigate the potential of commercialising the software through a future start-up.

Dimitropoulos and his team have presented ARTEMIS at network operator conferences, in order to raise awareness of their novel approach to network security. It helped that several of the largest telecommunication internet providers used ARTEMIS through the PHILOS project to protect their network. “We are actively exploring possibilities for commercialising this technology,” says Dimitropoulos. “Our aim is to build a spinoff company in 2021, and we are currently in talks with potential customers and investors. Bringing this innovation to market, and building a long-term sustainable business, would certainly be a great outcome.”

Keywords

PHILOS, internet, cyberattacks, BGP, network, ISP, software, algorithms
