[tor-dev] Using Traceroute for AS-Path prediction

David Stainton dstainton415 at gmail.com
Thu Feb 26 21:06:06 UTC 2015 

Hi Simon, Hi tor-dev list,

Very cool project idea! I believe this could be useful for gathering
information about censorship events. Perhaps Arturo and the rest of
the OONI team will be interested in this.

This seems at least somewhat related to the reverse traceroute
research I did... and anyway forward and reverse traceroute might be
helpful for your research as it would give you more data points to
compare to the BGP AS information.

However please forgive me if I am changing the subject to something
beyond the scope of your interests:

I recently wrote a novel TCP traceroute implementation in golang
called ParasiticTraceroute. It uses Linux NFQueue to mangle local TCP
flows... altering the TTL and thus effecting a traceroute. However the
NFQueue API can also be used to send out duplicate packets... so as
not to drop packets and cause TCP retransmissions.

Anyhow ParasiticTraceroute can do forward and reverse TCP
traceroute... and if you traceroute your own server (for instance a
tor relay) with this tool you get the reverse traceroute of connecting
clients... and possibly learn their RFC1918 addresses of NAT devices
in the route; (I haven't tried with NAT devices yet).

Ethan Katz-Bassett and other researchers at University of Washington
have done some really excellent research into designing an even more
sophisticated reverse traceroute system. Their system does not require
cooperative servers or clients... I highly recommend watching Ethan's
video presentation or reading their paper:

http://research.cs.washington.edu/networking/astronomy/reverse-traceroute.html


Sincerely,
David Stainton

On Thu, Feb 26, 2015 at 4:33 PM, Simon Koch <simkoc at postfach.it> wrote:
> I am a student at the saarland university and currently workin on my
> bachelor thesis concerning AS-path prediction using traceroute.
> I want to correlate open-source BGP data and corresponding traceroute
> measurements. In the end I want to argue whether or not traceroute
> can be valid tool for live as-path prediction based on the matching and
> representation of changes in the respective (AS-)routes over time.
>
> I already did a preliminary measurement during which I gathered 2 month
> worth of traceroute information to different tor-nodes and correlated them
>  with the BGP data available at RIPE-RIS. It turned out, that routes
> predominantly matched and that a high percentage of bgp route
> changes were also present in traceroute routes. Though only a smaller number
> of traceroute route changes were present in bgp routes.
> This leads to the assumption that traceroute might be a good as-path
> measurement-tool, as it would be quite unlikely that BGP AS Paths would
> match AS paths derived from traceroute measurements if traceroute could not
> reliable measure them.
> This information was only inferred from only one measurement point, though.
>
> As this topic may also be of interrest to tor I was wondering if anyone had
> some opionions on the general idea or knew
> some papers/researcher which are on the same track. I already read:
> * Towards an Accurate AS-Level Traceroute Tool
> * Quantifying the Pitfalls of Traceroute in AS Connectivity
> * Inferring AS-level Internet Topology from Router-Level Path Traces
> * A Study on Traceroute Potential in Revealing the Internet AS-Level
> Topology
> * Mixing Biases: Structure Changes in the AS Topology Evolution
> but I have the nagging feeling that there should be more.
> Further I am looking for a way to establish more measurement points to
> ensure a diversity in the data collection. Those points have to be in
> AS-peers
> of either the route-views project (zebra routers) or RIPE-RIS so I can also
> access the corresponding MRT-Data. I figured that traceroute.org Looking
> Glass
> may provide a way of doing so, but I am afraid that the overlap of Looking
> Glass servers and public BGP-peers is very small. Any idea on how
> to establish diverse measurementpoints (maybe volunteers) would be greatly
> appreciated.
>
> Regards,
>
> Simon
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

More information about the tor-dev mailing list