The global Internet is a complex network of interconnected autonomous systems(ASes).Understanding Internet inter-domain path information is crucial for understanding,managing,and improving the Internet.The path inform...The global Internet is a complex network of interconnected autonomous systems(ASes).Understanding Internet inter-domain path information is crucial for understanding,managing,and improving the Internet.The path information can also help protect user privacy and security.However,due to the complicated and heterogeneous structure of the Internet,path information is not publicly available.Obtaining path information is challenging due to the limited measurement probes and collectors.Therefore,inferring Internet inter-domain paths from the limited data is a supplementary approach to measure Internet inter-domain paths.The purpose of this survey is to provide an overview of techniques that have been conducted to infer Internet inter-domain paths from 2005 to 2023 and present the main lessons from these studies.To this end,we summarize the inter-domain path inference techniques based on the granularity of the paths,for each method,we describe the data sources,the key ideas,the advantages,and the limitations.To help readers understand the path inference techniques,we also summarize the background techniques for path inference,such as techniques to measure the Internet,infer AS relationships,resolve aliases,and map IP addresses to ASes.A case study of the existing techniques is also presented to show the real-world applications of inter-domain path inference.Additionally,we discuss the challenges and opportunities in inferring Internet inter-domain paths,the drawbacks of the state-of-the-art techniques,and the future directions.展开更多
The global Internet is composed of more than 70,000 autonomous domain networks interconnected through the Border Gateway Protocol(BGP).Studying the ecological evolution of BGP network is of great significance for anal...The global Internet is composed of more than 70,000 autonomous domain networks interconnected through the Border Gateway Protocol(BGP).Studying the ecological evolution of BGP network is of great significance for analyzing the evolution trend of the global Internet.This paper focuses on the evolution of Country-Level BGP network ecosystems in 24 years,and innovatively studies the relationship between Country-Level BGP network and economy,breaking through the limitations of traditional research that only focuses on BGP network.The results revealed that the number of global BGP networks has increased by nearly 23 times and that network interconnection has increased nearly 80 times over in 24 years.It was found that the growth of the global BGP network ecosystem has slowed overall due to major global security events,although the BGP network ecosystem in some Southeast Asian countries is developing against the trend.At the same time,there is a significant positive correlation between the BGP network ecology and the national economy in the time dimension;there is a strong positive correlation in the spatial dimension,but the trend is weakening year by year.展开更多
Dralll is a type liP restriction endonucleases (REases) that recognizes and creates a double strand break within the gapped palindromic sequence CACTNNN^GTG of double-stranded DNA indicates nicking on the bottom st...Dralll is a type liP restriction endonucleases (REases) that recognizes and creates a double strand break within the gapped palindromic sequence CACTNNN^GTG of double-stranded DNA indicates nicking on the bottom strand; indicates nicking on the top strand). However, wild type Dralll shows significant star activity. In this study, it was found that the prominent star site is CATSGTT;GTG, consisting of a star 5' half (CAT) and a canonical 3' half (GTG). Dralll nicks the 3' canonical half site at a faster rate than the 5' star half site, in contrast to the similar rate with the canonical full site. The crystal structure of the Dralll protein was solved. It indicated, as supported by mutagenesis, that Dralll possesses a ~13a- metal HNH active site. The structure revealed extensive intra-molecular interactions between the N-terminal domain and the C-terminal domain containing the HNH active site. Disruptions of these interactions through site- directed mutagenesis drastically increased cleavage fidelity. The understanding of fidelity mechanisms will enable generation of high fidelity REases.展开更多
The border gateway protocol (BGP) is the default inter domain routing protocol used on the internet for exchanging information between autonomous systems. Available literature suggests that BGP is vulnerable to sessio...The border gateway protocol (BGP) is the default inter domain routing protocol used on the internet for exchanging information between autonomous systems. Available literature suggests that BGP is vulnerable to session hijacking attacks. There are a number of proposals aimed at improving BGP security which have not been fully implemented. This paper examines a number of approaches for securing BGP through a comparative study and identifies the reasons why these proposals have not been implemented commercially. This paper analyses the architecture of internet routing and the design of BGP while focusing on the problem of BGP session hijacking attacks. Using Graphical Network Simulator 3 (GNS-3), a session hijack is demonstrated and a solution which involves the implementation of route filtering, policy-maps and route-maps on CISCO routers representing ASes is carried out. In the end, a workable industry standard framework for securing and protecting BGP sessions and border routers from exploitation with little or no modification to the existing routing infrastructure is demonstrated.展开更多
Inter-domain path computing is one big issue in multi-domain networks. The Hierarchical Path Computing Element (H-PCE) is a semi-central architecture for computing inter-domain path. To facilitate H-PCE in inter-domai...Inter-domain path computing is one big issue in multi-domain networks. The Hierarchical Path Computing Element (H-PCE) is a semi-central architecture for computing inter-domain path. To facilitate H-PCE in inter-domain path computing, this paper proposed a topology aggregation scheme to abstract the edge nodes and their connected inter-domain link as one vertex to achieve more optimal paths and confidentiality guarantee. The effectiveness of the scheme has been demonstrated on solving wavelength routing in multi-domain Wavelength Division Multiplexing (WDM) network via simulation. Simulation results show that this scheme reduces at least 10% inter-domain blocking probability, compared with the traditional Domain-to-the-Node (DtN) scheme.展开更多
Cooperation among service providers, network providers, and access providers in the Internet allows the creation of new services to offer to customers that are in other domains, thus increasing revenue. However, the I...Cooperation among service providers, network providers, and access providers in the Internet allows the creation of new services to offer to customers that are in other domains, thus increasing revenue. However, the Internet heterogeneous environment, where each provider has its own policies, infrastructure and business goals, hinders the deployment of more advanced communication services. This paper presents a Quality of Service (QoS) for Inter-Domain Services (QIDS) model that allows inter-domain QoS-aware services to be defined, configured, and adapted in a dynamic and on-demand fashion, among service providers. This is accomplished by: 1) the use of a common communication channel (business layer) where service providers publish and search for services, and interact with each other to contract and manage these services; 2) the templates to specify the business and technical characteristics of the services; 3) the automatic composition of services using service dements (smaller services) a^cording to performance and service-specific QoS parameters; and 4) the creation and enforcement of configuration rules for the underlying infrastructure. A prototype was implemented to validate QIDS and performance tests were conducted on an inter-domain Border Gateway Protocol (BGP)/Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) scenario.展开更多
Recently, the IP connectivity during the Mobile Node (MN) movement between Base Stations (BSs) belonging to different Internet Service Providers (ISPs) is still a key issue to be tackled. In this paper, therefore, we ...Recently, the IP connectivity during the Mobile Node (MN) movement between Base Stations (BSs) belonging to different Internet Service Providers (ISPs) is still a key issue to be tackled. In this paper, therefore, we develop a new scheme to improve the performance of inter-domain fast handover over mobile WiMAX networks. The framework basically relies on the Fast Handover for Mobile IPv6 protocol (FMIPv6) when the Media Independent Information Services (MIIS) as defined in IEEE802.21 standard is applied to enable the Mobile Node in storing the information of the neighboring networks. A Fully Qualified Domain Name (FQDN) is also used to identify the IP address of the previous network operator and the MN during its movements. Since both MIIS and FQDN can support the node mobility between multiple domains, our proposed scheme can also be called P-FMIPv6. The numerical results show that the latency of IP connectivity of this proposed handover can be significantly reduced in addition to less service disruption time during handovers as compared to the existing FMIPv6 when IEEE802.16e network is considered.展开更多
基金the China Postdoctoral Science Foundation(2023TQ0089)the National Natural Science Foundation of China(Nos.62072465,62172155)the Science and Technology Innovation Program of Hunan Province(Nos.2022RC3061,2023RC3027).
文摘The global Internet is a complex network of interconnected autonomous systems(ASes).Understanding Internet inter-domain path information is crucial for understanding,managing,and improving the Internet.The path information can also help protect user privacy and security.However,due to the complicated and heterogeneous structure of the Internet,path information is not publicly available.Obtaining path information is challenging due to the limited measurement probes and collectors.Therefore,inferring Internet inter-domain paths from the limited data is a supplementary approach to measure Internet inter-domain paths.The purpose of this survey is to provide an overview of techniques that have been conducted to infer Internet inter-domain paths from 2005 to 2023 and present the main lessons from these studies.To this end,we summarize the inter-domain path inference techniques based on the granularity of the paths,for each method,we describe the data sources,the key ideas,the advantages,and the limitations.To help readers understand the path inference techniques,we also summarize the background techniques for path inference,such as techniques to measure the Internet,infer AS relationships,resolve aliases,and map IP addresses to ASes.A case study of the existing techniques is also presented to show the real-world applications of inter-domain path inference.Additionally,we discuss the challenges and opportunities in inferring Internet inter-domain paths,the drawbacks of the state-of-the-art techniques,and the future directions.
文摘The global Internet is composed of more than 70,000 autonomous domain networks interconnected through the Border Gateway Protocol(BGP).Studying the ecological evolution of BGP network is of great significance for analyzing the evolution trend of the global Internet.This paper focuses on the evolution of Country-Level BGP network ecosystems in 24 years,and innovatively studies the relationship between Country-Level BGP network and economy,breaking through the limitations of traditional research that only focuses on BGP network.The results revealed that the number of global BGP networks has increased by nearly 23 times and that network interconnection has increased nearly 80 times over in 24 years.It was found that the growth of the global BGP network ecosystem has slowed overall due to major global security events,although the BGP network ecosystem in some Southeast Asian countries is developing against the trend.At the same time,there is a significant positive correlation between the BGP network ecology and the national economy in the time dimension;there is a strong positive correlation in the spatial dimension,but the trend is weakening year by year.
文摘Dralll is a type liP restriction endonucleases (REases) that recognizes and creates a double strand break within the gapped palindromic sequence CACTNNN^GTG of double-stranded DNA indicates nicking on the bottom strand; indicates nicking on the top strand). However, wild type Dralll shows significant star activity. In this study, it was found that the prominent star site is CATSGTT;GTG, consisting of a star 5' half (CAT) and a canonical 3' half (GTG). Dralll nicks the 3' canonical half site at a faster rate than the 5' star half site, in contrast to the similar rate with the canonical full site. The crystal structure of the Dralll protein was solved. It indicated, as supported by mutagenesis, that Dralll possesses a ~13a- metal HNH active site. The structure revealed extensive intra-molecular interactions between the N-terminal domain and the C-terminal domain containing the HNH active site. Disruptions of these interactions through site- directed mutagenesis drastically increased cleavage fidelity. The understanding of fidelity mechanisms will enable generation of high fidelity REases.
文摘The border gateway protocol (BGP) is the default inter domain routing protocol used on the internet for exchanging information between autonomous systems. Available literature suggests that BGP is vulnerable to session hijacking attacks. There are a number of proposals aimed at improving BGP security which have not been fully implemented. This paper examines a number of approaches for securing BGP through a comparative study and identifies the reasons why these proposals have not been implemented commercially. This paper analyses the architecture of internet routing and the design of BGP while focusing on the problem of BGP session hijacking attacks. Using Graphical Network Simulator 3 (GNS-3), a session hijack is demonstrated and a solution which involves the implementation of route filtering, policy-maps and route-maps on CISCO routers representing ASes is carried out. In the end, a workable industry standard framework for securing and protecting BGP sessions and border routers from exploitation with little or no modification to the existing routing infrastructure is demonstrated.
基金Acknowledgements This work was supported by Chang Jiang Scholars Program of the Ministry of Education of China, National Science Fund for Distinguished Young Scholars under Grant No.60725104 the National Basic Research Program of China under Grant No. 2007CB310706+2 种基金 the National Natural Science Foundation of China under Ca'ant No. 60932002, No. 60932005, No. 61071101 the Hi-Tech Research and Development Program of China under Grant No. 2009AA01Z254, No. 2009AA01Z215 NCEF Program of MoE of China, and Sichuan Youth Science and Technology Foundation under Crant No. 09ZQ026-032.
文摘Inter-domain path computing is one big issue in multi-domain networks. The Hierarchical Path Computing Element (H-PCE) is a semi-central architecture for computing inter-domain path. To facilitate H-PCE in inter-domain path computing, this paper proposed a topology aggregation scheme to abstract the edge nodes and their connected inter-domain link as one vertex to achieve more optimal paths and confidentiality guarantee. The effectiveness of the scheme has been demonstrated on solving wavelength routing in multi-domain Wavelength Division Multiplexing (WDM) network via simulation. Simulation results show that this scheme reduces at least 10% inter-domain blocking probability, compared with the traditional Domain-to-the-Node (DtN) scheme.
文摘Cooperation among service providers, network providers, and access providers in the Internet allows the creation of new services to offer to customers that are in other domains, thus increasing revenue. However, the Internet heterogeneous environment, where each provider has its own policies, infrastructure and business goals, hinders the deployment of more advanced communication services. This paper presents a Quality of Service (QoS) for Inter-Domain Services (QIDS) model that allows inter-domain QoS-aware services to be defined, configured, and adapted in a dynamic and on-demand fashion, among service providers. This is accomplished by: 1) the use of a common communication channel (business layer) where service providers publish and search for services, and interact with each other to contract and manage these services; 2) the templates to specify the business and technical characteristics of the services; 3) the automatic composition of services using service dements (smaller services) a^cording to performance and service-specific QoS parameters; and 4) the creation and enforcement of configuration rules for the underlying infrastructure. A prototype was implemented to validate QIDS and performance tests were conducted on an inter-domain Border Gateway Protocol (BGP)/Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) scenario.
文摘Recently, the IP connectivity during the Mobile Node (MN) movement between Base Stations (BSs) belonging to different Internet Service Providers (ISPs) is still a key issue to be tackled. In this paper, therefore, we develop a new scheme to improve the performance of inter-domain fast handover over mobile WiMAX networks. The framework basically relies on the Fast Handover for Mobile IPv6 protocol (FMIPv6) when the Media Independent Information Services (MIIS) as defined in IEEE802.21 standard is applied to enable the Mobile Node in storing the information of the neighboring networks. A Fully Qualified Domain Name (FQDN) is also used to identify the IP address of the previous network operator and the MN during its movements. Since both MIIS and FQDN can support the node mobility between multiple domains, our proposed scheme can also be called P-FMIPv6. The numerical results show that the latency of IP connectivity of this proposed handover can be significantly reduced in addition to less service disruption time during handovers as compared to the existing FMIPv6 when IEEE802.16e network is considered.
