Data sent over the Internet can be monitored and manipulated by intermediate entities in the data path from the source to the destination. For unencrypted communications (and some encrypted communications with known weaknesses), eavesdropping and man-in-the-middle attacks are possible. For encrypted communication, the identification of the communicating endpoints is still revealed. In addition, encrypted communications may be stored until such time as newly discovered weaknesses in the encryption algorithm or advances in computer hardware render them readable by attackers. In this work, we use public data to evaluate both advertised and observed routes through the Internet and measure the extent to which communications between pairs of countries are exposed to other countries. We use both physical router geolocation as well as the country of registration of the companies owning each router. We find a high level of information exposure; even physically adjacent countries use routes that involve many other countries. We also found that countries that are well 'connected' tend to be more exposed. Our analysis indicates that there exists a tradeoff between robustness and information exposure in the current Internet.
[1]
Christos Papadopoulos,et al.
Characterizing International BGP Detours
,
2015
.
[2]
Jennifer Rexford,et al.
Nation-State Routing: Censorship, Wiretapping, and BGP
,
2009,
ArXiv.
[3]
M E J Newman.
Assortative mixing in networks.
,
2002,
Physical review letters.
[4]
kc claffy,et al.
Geocompare: a comparison of public and commercial geolocation databases - Technical Report
,
2011
.
[5]
Peter Mell,et al.
Measuring Limits on the Ability of Colluding Countries to Partition the Internet
,
2015
.
[6]
Peter Mell,et al.
The Resilience of the Internet to Colluding Country Induced Connectivity Disruptions
,
2015,
NDSS 2015.
[7]
Nick Feamster,et al.
Characterizing and Avoiding Routing Detours Through Surveillance States
,
2016,
ArXiv.