Abstract
The Internet is an interconnection of Autonomous Systems (ASes) of which many are controlled by Internet Service Providers (ISPs). ASes use Border Gateway Protocol (BGP) to communicate routing information to each other. BGP does not allow a network to control how its traffic is routed. As a result, traffic belonging to a specific network can be intentionally dropped as it is routed by BGP through a malicious ISP; a behavior we define as Internet access denial. The impact of Internet access denial, especially when performed by higher-tier ISPs, can be severe. In this paper, Network Address Translation (NAT) is used as a solution to overcome the Internet access denial problem by hiding the traffic identity. The proposed solution is scalable to fit large networks, by using pools of IP addresses across several NAT routers. Under high network load, the performance degradation of introducing NAT on the end-to-end delay and throughput is at most 0.2% and 0.3%, respectively.
| Original language | English |
|---|---|
| Title of host publication | 2011 Canadian Conference on Electrical and Computer Engineering, CCECE 2011 |
| Pages | 1004-1008 |
| Number of pages | 5 |
| DOIs | |
| State | Published - 2011 |
Publication series
| Name | Canadian Conference on Electrical and Computer Engineering |
|---|---|
| ISSN (Print) | 0840-7789 |
UN SDGs
This output contributes to the following UN Sustainable Development Goals (SDGs)
-
SDG 9 Industry, Innovation, and Infrastructure
Keywords
- Internet access denial
- NAT
- OPNET
- higher-tier ISP
- traffic identity hiding
ASJC Scopus subject areas
- Hardware and Architecture
- Electrical and Electronic Engineering
Fingerprint
Dive into the research topics of 'Internet access denial by higher-tier ISPs: A nat-based solution'. Together they form a unique fingerprint.Cite this
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver