Two tools available for network operators for rapid detection of BGP anomalies

Evaluating BGP Replay Tool (BRT) using generated BGP updates and past BGP events

The Centre for Advanced Internet Architectures (CAIA) from the Swinburne University of Technology, explored a new technique that quickly detects different BGP anomalies as part of their Internet Operations Research Grant they received from ISIF Asia during 2016 and implemented during 2017.

The Internet’s default inter-domain routing protocol, the Border Gateway Protocol (BGP) is vulnerable to different types of anomalies such as hijacking, misconfiguration, and Denial of Service (DoS) attacks. Although considerable research has been carried out into BGP anomalies, existing approaches were not able to mitigate or identify BGP misconfiguration and lack of ground truth time stamps for BGP events.

In this project, CAIA’s team introduced two new tools, real-time BGP Anomaly Detection Tool (RTBADT) and BGP Replay Tool (BRT), to detect BGP anomalies in real-time. Specifically, RTBADT can be used by ISP operators to monitor and detect BGP anomalies through peering it with the intended peer AS, while BRT is able to replay past BGP updates with time-stamps. These tools enable network operators to protect their network from the worst consequence and mitigate the threats of Internet stability.

Read their technical report to find more about the outcomes of this research project and its contribution to support network operators https://application.isif.asia/theme/default/files/ISIFAsia_2016_Grants_TechReport_SwinburneUni_AU_BGPResearch.pdf

Computer Emergency Response Team established in Tonga

As the first national CERT in the Pacific Islands, certTonga was established in July 2016, in order to provide “A safe and secure digital environment for the Kingdom of Tonga and its citizens”. The team aimed at conducting incident handling, performing vulnerability handling, and providing security consultation and advice at Tonga and greater Pacific.

The Cybersecurity grant, funded by Internet Society, assisted in the setting up of Tonga CERT’s capacity and capability to undertake its mandated function. APNIC and it’s Foundation also helped find opportunities for certTonga Staff to partake in capacity building activities and chances to collaborate and form partnerships with relevant organizations.

During the project implementation, there has been many awareness and educational initiatives in relation to the functions of the CERT and through the better understanding of its security role in the government and society, participation and involvement is being increased from time to time.

certTonga
certTonga

certTonga is now playing a vital role in the Tonga Police investigation process which has placed the certTonga in a position to be actively planned to grow in all areas to be able to cope with the demand. There is a particular focus on building capacity of the team as it is now essential to the continuous operation of the CERT as well as obtaining a reliable information obtained from a verified sources and undisturbed evidences.

The Final Technical Report “Developing certTonga” is available for download.

ISIF Asia 2016 grant recipients announced!

ISIF Asia 2016 Grants

The first CERT in the Pacific, a Peering Strategy for the Pacific, and a mobile app reader to access books in Thailand’s Karen dialects are just some of the initiatives that will receive funding.

This year ISIF Asia will award its largest ever grants pool, across four categories, to support research and development of Internet technologies for the benefit of the Asia Pacific.

APNIC Internet Operations Research Grants

Around AUD 115,000 was awarded to support the following projects:

  • Realistic simulation of uncoded, coded and proxied Internet satellite links with a flexible hardware-based simulator. The University of Auckland, New Zealand. The main focus of this research is to establish realistic satellite simulator of UDP flows. It also automates experiments run on non-coded and coded configurations. The project builds upon a 2014 ISIF Asia grant to improve connectivity in the Pacific islands (see report).
  • Rapid detection of BGP anomalies. Centre for Advanced Internet Architectures (CAIA), Swinburne University of Technology, This research focuses on producing techniques for the real-time detection of different types of BGP anomalies that can be used by an operator. The evaluation of this tool will be carried out with a controlled testbed using BGP Replay Tool (BRT) to emulate past BGP events.
  • A Peering Strategy for the Pacific Islands. Telco2 Limited, New Zealand. This research continues and expands a set of Internet measurements of latency to Pacific Island telecommunications providers from various locations around the world, that when evaluated in conjunction with submarine cable availability, can be used to determine a metric for efficiency of transit that can be considered along with the economic impact of having an efficient transit. The measurements will be made available in real-time via a web interface to help operators, regulators, and funders understand the physical routing of network traffic, availability of content, and benefits of peering to improve availability, reachability and security of the Internet in the Asia Pacific region.

Internet Society Cybersecurity Grant

With the support from the Internet Society, one grant of AUD 56,000 was allocated for this category, plus additional Monitoring , Evaluation and Communications support valued at AUD 2,500 and a travel grant to participate at the Internet Governance Forum in Guadalajara, Mexico where they will be one of the speakers at the workshop “Cybersecurity – Initiatives in and by the Global South“.

  • Developing Tonga National CERT to the Department of Information & ICT under the Ministry of Meteorology, Energy, Environment, Climate Change, Information, Communication, Disaster Management (MEIDECC), Tonga. The Tonga Computer Emergency Response Team (CERT) launched recently, is the first national CERT in the Pacific region. Tonga CERT was launch with a long-term goal to expand its services to the greater Pacific once fully operational. Tonga CERT will conduct incident handling; perform vulnerability handling; and provide security consultation and advice. Read more from Andrew Toimoana, Director of MEIDECC, Tonga.

Community Impact Grant

The AUD 50,000 Community Impact Grant was awarded to:

  • Equal Access to the Information Society in Myanmar, the Myanmar Book Aid and Preservation Foundation, Myanmar. This project focuses on women and youth, and benefits 500 people through 20 libraries across the country. The curriculum, developed specifically for Myanmar, focuses on critical thinking in a digital environment of smartphones and tablets. It develops the skills of young female leaders by providing them with specialized information technology training, leadership and job skills, and opportunities to engage in critical public discussion. Myanmar Book Aid and Preservation Foundation will also participate in a three-week mentoring program in Singapore, facilitated by JFDI.Asia, valued at AUD 25,000 plus expenses during their stay.

Technical Innovation Grants

Just over 195,000 AUD was allocated to support five projects under the Technical Innovation category.

  • Khushi Baby, India. This project improves digital medical records for mothers and children by streamlining data collection, improving decision making in the field, aiding in district resource management, and delivering effective dialect-specific voice call reminders to mothers. Khushi Baby will also participate in a three-week mentoring program in Singapore, facilitated by JFDI.Asia, valued at AUD 25,000 plus expenses during their stay.

Four small technical innovation grants of up to AUD 30,000 were awarded to:

  • My Community Reader: a Mobile-First Distributed Translation Tool and Reader for Ethnic Minority Languages. The Asia Foundation, Thailand. This project will build, test, and deploy a tool to translate text into minority languages books, significantly expanding the available online library of digital and printable mother-tongue children’s books. It will also deliver a mobile app so people can search the library and download titles on local Android devices.
  • UAV-Aided Resilient Communications for Post Disaster Applications: Demonstrations and Proofs of Concept. Ateneo de Manila University, Philippines. This project will design and demonstrate UAV-borne radio payloads as critical network nodes in the development of a post-disaster resilient, delay tolerant communications system, using both multi-rotor and fixed wing platforms with long range radio payload to demonstrate the concept. The UAV will act as data aggregators and wireless store-and-forward relays for collecting important information and providing connectivity to evacuation centers, ground teams and concerned agencies. Data can be gathered from multiple sources below and delivered to another ground team or to a central station, while it can use the wireless link to broadcast messages to the ground nodes. Relayed information can include survivor profiles, food supply audits, medicine requests, and images of victims. This system will be used to assist response team coordination, hasten rescue efforts, and deliver timely updates, among others.
  • Legalese. Legalese Pte. Ltd. Singapore. This is a web application that will enable the growing Asian population of first-time entrepreneurs and first-time investors to transact seed-stage financing with confidence and without expensive legal fees.  The app educates end-users about entrepreneurial finance, facilitates choosing and configuring investment agreements, manage signatures through to completion, and develops libraries of contract templates for Asian languages and Asian jurisdictions.
  • Deployment of Collaborative Modern HoneyNet to improve Regional Cybersecurity Landscape (CMoHN). Institute of Systems Engineering, Riphah International University, Pakistan. The project will deploy and establish the core skills required to manage and integrate different honeynets and design new honeypots for countering cyber-attacks. The project will connect with other honeynets in the region to form a regional collaborative honeynet network, and promote R&D activities to secure network infrastructure through publications and conducting community awareness seminars.