Illuminating Router Vendor Diversity Within Providers and Along Network Paths

TL;DR

This paper introduces LFP, a new tool for accurately identifying router vendors across the Internet, enabling better understanding of vendor diversity, regional distribution, and implications for security and routing policies.

Contribution

The paper presents LFP, an improved router fingerprinting method that enhances coverage, accuracy, and efficiency over existing techniques, and applies it to analyze vendor heterogeneity and policy implications.

Findings

LFP achieves higher accuracy and coverage in router vendor identification.

Significant regional variation in vendor distribution was observed.

Potential for vendor-based routing policies to mitigate security risks was demonstrated.

Abstract

The Internet architecture has facilitated a multi-party, distributed, and heterogeneous physical infrastructure where routers from different vendors connect and inter-operate via IP. Such vendor heterogeneity can have important security and policy implications. For example, a security vulnerability may be specific to a particular vendor and implementation, and thus will have a disproportionate impact on particular networks and paths if exploited. From a policy perspective, governments are now explicitly banning particular vendors, or have threatened to do so. Despite these critical issues, the composition of router vendors across the Internet remains largely opaque. Remotely identifying router vendors is challenging due to their strict security posture, indistinguishability due to code sharing across vendors, and noise due to vendor mergers. We make progress in overcoming these challenges by developing LFP, a tool that improves the coverage, accuracy, and efficiency of router fingerprinting as compared to the current state-of-the-art. We leverage LFP to characterize the degree of router vendor homogeneity within networks and the regional distribution of vendors. We then take a path-centric view and apply LFP to better understand the potential for correlated failures and fate-sharing. Finally, we perform a case study on inter- and intra-United States data paths to explore the feasibility to make vendor-based routing policy decisions, i.e., whether it is possible to avoid a particular vendor given the current infrastructure.