We are getting more dependent on Internet and Cloud services and there is an increasing understanding of the importance of resiliency and availability of such services. An online service today is no longer a single unit that is hosted at one particular location. In fact, such a service has become a collection of micro-services that are hosted at diverse geographic locations that may be under different jurisdictions. A closer look reveals that services which most nations rely on are not contained within the respective national borders. Examples include services such as Facebook, Google, Whatsapp, Financial services and various App Stores, including vendor services for configuration, backup etc. Consequently, an increasing number of states are invoking the need for national autonomy to impose tighter controls on service placement and Internet connectivity. While these fears could be warranted, a premature push in this direction may undermine the very fabric of openness and trust that binds the Internet together. GAIA aims to cover an important knowledge in this respect, which is the lack of maps that describe the geographic distribution of online services, inter-dependencies for outages across geographical regions, how Internet traffic travels between different countries and the interplay between geopolitics and Internet connectivity. It achieves that through an interdisciplinary effort that combines technological and political aspects of the problem.
We have accomplished a number of steps towards realizing GAIA's vision. More specifically, we are using active nodes to probe connectivity and understand the global interdependencies with measurements in Asia, Europe and North America, to monitor the stability of the global routing system, which is a crucial infrastructure for the data delivery between computers across the globe. We have also built three unique test infrastructures that we are using to dissect the services that a mobile app is dependent on, to test physical attacks on fiber optics and to detect and understand how we can mitigate attacks in typical internet provider network infrastructures. Our results, thus far, are promising. We have developed novel methods to detect stealthy attacks on the physical and logical layer of internet infrastructures. Furthermore, we have developed an approach to accurately map digital services that a particular app uses, and geolocate them to better understand international dependencies for a particular service.
We have developed methods based on machine learning to automatically analyze log data from large networks and make the classification of errors a basis for automatic correction of error situations, which is important for realizing the vision of "self driving networks" that can repair themselves when an error occurs.
We have used our infrastructure to explore internet traffic test cases and describe cases where traffic takes unexpected routes. We find that packets often do not follow the shortest path between two countries and that travel paths of data packets change over time, without consideration to geopolitical matters or the privacy concerns of individuals. To assess worldwide infrastructure, and to aid in our goal of understanding the links between geopolitics and internet connectivity, we performed country level analysis of telecommunication infrastructure and analyzed how this infrastructure changed from 2010 to 2020.
We have analyzed geographic dependencies at the application level and found dependencies for popular services such as social media, payment services and video conferencing. The dependencies are compared across different countries and we can show significant dependency on international microservices in different regions, this dependency is particularly significant for smaller countries.
The project has also researched techniques relevant to protect physical layer communication by using fiber for sensor purposes. Techniques studied include both Distributed Acoustic Sensing (DAS) and monitoring of SoP. An instrument and system for measuring and collecting data for the light's state of polarization (SoP -State of Polarization), which indicates movements in the fiber, has been developed and demonstrated in the lab and field. The methods can potentially be used to monitor potential threats against all types of fiber cables in the sea, buried, in the air, as well as power cables. The results are expected to be used further for research and development of systems for monitoring physical fiber networks.
Prosjektet har utviklet avansert programvare for geolokalisering av IP-adresser som benyttes i analyse av geografisk avhengighet av mikrotjenester. Metodene er publisert internasjonalt og programvaren er gjort tilgjengelig. Dette verktøyet vil benyttes i videre arbeide og øker presisjon for geolokalisering av IP-adresser for kritisk infrastruktur til bruk i videre forskning.
Det er utviklet metoder for å detektere hvilke sjøkabler som benyttes for en bestemt kommunikasjon. Sjøkabler håndterer mesteparten av internasjonal kommunikasjon og er kritisk infrastruktur for de fleste tjenester. Identifikasjon av sjøkabler gjøres ved å klassifisere infrastruktur som benyttes for kommunikasjon mellom to IP-adresser, og identifisere om og eventuelt hvilken undersjøisk fiberkabel som forbindelsen benytter.
Prosjektet har gjennom samarbeide med en internasjonal telecom-leverandør utviklet avansert programvare som understøtter utstyr for polarisasjonsdeteksjon for automatisering av tester for fysiske fibernett basert på endring av polarisasjon. Dette utstyret vil benyttes til videre til forskning og utvikling av systemer for overvåking av fysiske fibernett for deteksjon av innbrudd, avlytting og fysiske trusler for fysiske fibernett både landbasert og sjøkabler.
Cyberspace is increasingly distributed thanks to the recent advances in cloud computing and higher network capacities. An online service is now a collection of macro services that are hosted at diverse geographic locations that can be under different jurisdictions. A closer look reveals that services, which most nations rely on, are not contained within the respective national borders. While desired and applauded, this flexibility will increase the society’s vulnerability to cyber attacks and major disruptions. On other hand, an evident recent hike in cyber attacks and their potential harmful ramifications have made combating cyber vulnerabilities a national security priority. This is often reflected in a rising chorus calling for national autonomy in critical infrastructures. The Internet, however, has thus far been built on openness and trust. Attempts to impose rigid controls may result in the so-called splinternet, where different regions and countries will slowly secede from today’s Internet. This in turn may lead to a less robust and scalable Internet. Unfortunately, we currently lack necessary tools that tie cyber connectivity and vulnerabilities to everyday realities. We also do not have representative models that can help answering various what-if questions of relevance to potential impacts of imposing national autonomy. This project will develop new methods, metrics and frameworks for understanding the complex interplay between digital vulnerabilities and national autonomy. It will adopt an empirical approach to investigating characteristics of end to end Internet paths and overlaying them onto the physical world. Then leverage this to assess potential vulnerabilities, of an online service, to topological and wide-area attacks. Furthermore, it will explore the interplay between more autonomy and centralization on one hand and Internet robustness and reliability on the other hand.
