References of "Donnet, Benoît"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailTCPLS: Modern Transport Services with TCP and TLS
Rochet, Florentin; Assogba, Emery; Piraux, Maxime et al

in International Conference on emerging Networking EXperiments and Technologies (CoNEXT) (2021, December)

TCP and TLS are among the essential protocols in today's Internet. TCP ensures reliable data delivery while TLS secures the data transfer. Although they are very often used together, they have been ... [more ▼]

TCP and TLS are among the essential protocols in today's Internet. TCP ensures reliable data delivery while TLS secures the data transfer. Although they are very often used together, they have been designed independently following the Internet layered model. This paper demonstrates the various benefits that a closer integration between TCP and TLS would bring. By leveraging the extensible TLS 1.3 records, we combine TCP and TLS into TCPLS to build modern transport services such as multiplexing, connection migration, stream steering, and bandwidth aggregation. These services do not modify the TCP wire format and are resistant to middleboxes. TCPLS offers a powerful API enabling applications to precisely express the required transport services, ranging from a single-path single-stream connection to a multi-stream connection over several network paths, enabling choices between aggregated bandwidth and head-of-line blocking avoidance.Compared to MPTCP, our TCPLS prototype offers more control to the application and can be easily deployed as an extension to user-space TLS libraries, while being implemented at a low cost. Measurements demonstrate that it offers higher performance than existing QUIC libraries with a super set of transport services. [less ▲]

Detailed reference viewed: 87 (7 ULiège)
Full Text
Peer Reviewed
See detailWhere is the Light(ning) in the Taproot Dawn? Unveiling the Bitcoin Lightning (IP) Network
Casas, Pedro; Romiti, Matteo; Holzer, Peter et al

in EEE International Conference on Cloud Networking (CloudNet) (2021, November)

Proposed in 2016 and launched in 2018, the Bitcoin (BTC) Lightning Network (LN) can scale-up the capacity of the BTC blockchain network to process a significantly higher amount of transactions, in a ... [more ▼]

Proposed in 2016 and launched in 2018, the Bitcoin (BTC) Lightning Network (LN) can scale-up the capacity of the BTC blockchain network to process a significantly higher amount of transactions, in a faster, cheaper, and more privacy preserving manner. The number of LN nodes has been significantly increasing since 2018, and today there are more than twelve thousand nodes actively participating of so-called LN payment channels. The upcoming Taproot upgrade to the Bitcoin protocol would further boost the development and adoption of the LN. Taproot is the most significant upgrade to the Bitcoin network since the block size increase of 2017, and it will make LN transactions cheaper, more flexible, and more private. We focus on the characterization of the LN network topology, using network active measurements. By crawling the underlying P2P network supporting the Bitcoin LN over a span of 10-months, we unveil the LN in terms of size and location of its nodes as well as connectivity protocols, comparing it to the P2P IP network supporting the BTC blockchain. Among our findings, we show that IP addresses exposed by LN nodes correspond mainly to customer networks, even if most BTC nodes are actually deployed at major cloud providers, and that LN nodes significantly rely on anonymized networks and protocols such as Onion, with more than 40% of LN nodes connect through Tor. [less ▲]

Detailed reference viewed: 99 (7 ULiège)
Full Text
Peer Reviewed
See detailTravelling Without Moving: Discovering Neighborhood Adjacencies
Grailet, Jean-François ULiege; Donnet, Benoît ULiege

in Network Traffic Measurement and Analysis Conference (2021, September)

Since the early 2000's, the research community has explored many approaches to discover and study the Internet topology, designing both data collection mechanisms and models. In this paper, we introduce ... [more ▼]

Since the early 2000's, the research community has explored many approaches to discover and study the Internet topology, designing both data collection mechanisms and models. In this paper, we introduce SAGE (Subnet AggrEgation), a new topology discovery tool that infers the hop-level graph of a target network from a single vantage point. SAGE relies on subnet-level data to build a directed acyclic graph of a network modeling how its (meshes of) routers, a.k.a. neighborhoods, are linked together. Using two groundtruth networks and measurements in the wild, we show SAGE accurately discovers links and is consistent with itself upon a change of vantage point. By mapping subnets to the discovered links, the directed acyclic graphs discovered by SAGE can be re-interpreted as bipartite graphs. Using data collected in the wild from both the PlanetLab testbed and the EdgeNet cluster, we demonstrate that such a model is a credible tool for studying computer networks. [less ▲]

Detailed reference viewed: 65 (8 ULiège)
Full Text
Peer Reviewed
See detailTowards Cross-Layer Telemetry
Iurman, Justin ULiege; Brockners, Frank; Donnet, Benoît ULiege

in ACM/IRTF Applied Networking Research Workshop (ANRW) (2021, July)

This paper introduces Cross-Layer Telemetry (CLT), a way to combine in-band telemetry (based on In-Situ OAM) and Application Performance Management (APM, based on distributed tracing) into a single ... [more ▼]

This paper introduces Cross-Layer Telemetry (CLT), a way to combine in-band telemetry (based on In-Situ OAM) and Application Performance Management (APM, based on distributed tracing) into a single monitoring tool providing a full network stack observability. Using CLT, APM traces are correlated with network telemetry information, providing a better view and faster root cause analysis in case of issue. In this paper, we describe the CLT implementation and discuss a use case demonstrating its efficiency. All CLT source code is available as open source. [less ▲]

Detailed reference viewed: 49 (11 ULiège)
Full Text
Peer Reviewed
See detailStudents' Engagement with Podcast during Lockdown - an Analysis of Interaction Footprints in a Computer Science Course.
Donnet, Benoît ULiege; Verpoorten, Dominique ULiege

in European Distance and E-Learning Network (EDEN) (2021, June)

This paper addresses a remote teaching activity that consists, for students, in being exposed to podcasts instead of classic face-to-face theoretical lessons. In particular, the paper discusses potential ... [more ▼]

This paper addresses a remote teaching activity that consists, for students, in being exposed to podcasts instead of classic face-to-face theoretical lessons. In particular, the paper discusses potential impact of podcasts on students’ engagement in an introductory Computer Science course [less ▲]

Detailed reference viewed: 101 (23 ULiège)
Full Text
Peer Reviewed
See detailChallenges, Multiple Attempts, and Trump Cards - A Practice Report of Student's Exposure to an Automated Correction System for a Programming Challenges Activity
Liénardy, Simon ULiege; Leduc, Laurent ULiege; Verpoorten, Dominique ULiege et al

in Revue Internationale des Technologies en Pédagogie Universitaire (2021), 18(2), 45-60

This practical report addresses a teaching activity that consists in students submitting small programming Challenges on a web platform as part of an Introduction to Programming course (CS1). An automatic ... [more ▼]

This practical report addresses a teaching activity that consists in students submitting small programming Challenges on a web platform as part of an Introduction to Programming course (CS1). An automatic correction system called CAFÉ assesses the Challenges and provides each student with immediate feedback and feedforward on both processes and products. This report focuses on the students’ acceptance of the tool by analysing promising results with respect to student participation, performance, and perception. [less ▲]

Detailed reference viewed: 71 (10 ULiège)
Full Text
Peer Reviewed
See detailTargeted Attack through Network Fingerprinting
Marechal, Emeline ULiege; Donnet, Benoît ULiege

in Journal of Cyber Security and Mobility (2021), 10(2), 347-376

Nowadays, simple tools such as traceroute can be used by attackers to acquire topology knowledge remotely. Worse still, attackers can use a lightweight fingerprinting technique, based on traceroute and ... [more ▼]

Nowadays, simple tools such as traceroute can be used by attackers to acquire topology knowledge remotely. Worse still, attackers can use a lightweight fingerprinting technique, based on traceroute and ping, to retrieve the routers brand, and use that knowledge to launch targeted attacks. In this paper, we show that the hardware ecosystem of network operators can greatly vary from one to another, with all potential security implications it brings. Indeed, depending on the autonomous system (AS), not all brands play the same role in terms of network connectivity and network usage (MPLS vs. standard traffic). An attacker could find an interest in targeting a specific hardware vendor in a particular AS, if known defects are present in this hardware, and if the AS relies heavily on it for forwarding its traffic. [less ▲]

Detailed reference viewed: 58 (8 ULiège)
Full Text
Peer Reviewed
See detailPromoting Engagement in a CS1 Course with Assessment for Learning. A Practice Report
Liénardy, Simon ULiege; Leduc, Laurent ULiege; Donnet, Benoît ULiege

in Student Success (2021), 12(1),

This practice report discusses the evolution of a CS1 Course taught at the University of Liège, Belgium. Over the last seven years several teaching activities have been thought to complement traditional ... [more ▼]

This practice report discusses the evolution of a CS1 Course taught at the University of Liège, Belgium. Over the last seven years several teaching activities have been thought to complement traditional theoretical courses and exercise sessions in order to promote students’ engagement. The result is aligned with (i) the principles of assessment for learning, which consists in leveraging the assessment to improve the students learning, and (ii) the concept of blended learning. This report describes the difficulties the students faced and what we implemented to assist our course evolution. We also present and discuss results showing that, despite a high drop-out rate, we managed to engage students to work on a regular basis and, in some cases, raise their performance levels. [less ▲]

Detailed reference viewed: 54 (15 ULiège)
Full Text
Peer Reviewed
See detailLISP Mapping System as DoS Amplification Vector
Gabriel, Mattias; Iannone, Luigi; Donnet, Benoît ULiege

in IEEE Networking Letters (2021), 3(1), 36-39

There is a growing interest in solutions relying on the identifier/locator separation paradigm. It introduces several benefits in terms of scalability and flexibility. It relies on two addressing spaces ... [more ▼]

There is a growing interest in solutions relying on the identifier/locator separation paradigm. It introduces several benefits in terms of scalability and flexibility. It relies on two addressing spaces, namely the identifiers, for endpoint identification, and the locators, for packet forwarding. An additional control plane is necessary to map one space to the other. In this paper, we explore how control messages can be an amplification vector for DoS attacks. We evaluate the possible amplification factor based on a real deployment, showing that the amplification factor exists. We also build a GNS-3 testbed to demonstrate further and analyze the attack. [less ▲]

Detailed reference viewed: 41 (4 ULiège)
Full Text
Peer Reviewed
See detailIPv6 In-Situ Operations, Administration, and Maintenance
Iurman, Justin ULiege; Donnet, Benoît ULiege

in Software Impacts (2020), 6

In-situ Operations, Administration, and Maintenance (IOAM) is currently under standardization at the IETF. It allows for collecting telemetry and operational information along a path, within the data ... [more ▼]

In-situ Operations, Administration, and Maintenance (IOAM) is currently under standardization at the IETF. It allows for collecting telemetry and operational information along a path, within the data packet, as part of an existing (possibly additional) header. This paper introduces the very first implementation of IOAM for the Linux kernel with IPv6 as encapsulation protocol and discusses several use cases in which IOAM can find a suitable usage. [less ▲]

Detailed reference viewed: 69 (13 ULiège)
Full Text
Peer Reviewed
See detailNetwork Fingerprinting: Routers under Attack
Marechal, Emeline ULiege; Donnet, Benoît ULiege

in IEEE International Workshop on Traffic Measurements for Cybersecurity (WTMC) (2020, September)

Nowadays, simple tools such as traceroute can be used by attackers to acquire topology knowledge remotely. Worse still, attackers can use a lightweight fingerprinting technique, based on traceroute and ... [more ▼]

Nowadays, simple tools such as traceroute can be used by attackers to acquire topology knowledge remotely. Worse still, attackers can use a lightweight fingerprinting technique, based on traceroute and ping, to retrieve the routers brand, and use that knowledge to launch targeted attacks. In this paper, we show that the hardware ecosystem of network operators can greatly vary from one to another, with all potential security implications it brings. Indeed, depending on the autonomous system (AS), not all brands play the same role in terms of network connectivity. An attacker could find an interest in targeting a specific hardware vendor in a particular AS, if known defects are present in this hardware, and if the AS relies heavily on it for forwarding its traffic. [less ▲]

Detailed reference viewed: 184 (12 ULiège)
Full Text
Peer Reviewed
See detailGameCode: Choose your Own Problem Solving Path
Liénardy, Simon ULiege; Donnet, Benoît ULiege

Poster (2020, August)

This abstract focuses on a CS2 course in which gamified homework exercises are provided to students instead of in-class exercise sessions. The course, provided to first-year Computer Science students ... [more ▼]

This abstract focuses on a CS2 course in which gamified homework exercises are provided to students instead of in-class exercise sessions. The course, provided to first-year Computer Science students, introduces a rigorous methodology to write programs using Loop Invariants, recursion, and basic data structures such as Files, Lists, Queues, and Stacks. In early 2020, the COVID-19 pandemic caused a lock-down in our country. The universities decided to fully switch to remote teaching. As the exercises sessions previously consisted of solving problems on a blackboard, we had to design in a hurry course materials that would cope with remote teaching. Instead of giving students yet another podcast in their course schedule, we gave them homework exercises, we called GameCode, that they could do at their own convenience. These exercises are inspired by GameBooks in which the reader can choose the path she takes to complete the story. With GameCode, students can choose their own solving path for each exercise. This can be related to gamification. [less ▲]

Detailed reference viewed: 122 (20 ULiège)
Full Text
Peer Reviewed
See detailEvaluating the Impact of Path Brokenness on TCP Options
Edeline, Korian ULiege; Donnet, Benoît ULiege

in Applied Networking Research Workshop (2020, July)

In-path network functions enforcing policies like firewalls, IDSes, NATs, and TCP enhancing proxies are ubiquitous. They are deployed in various types of networks and bring obvious value to the Internet ... [more ▼]

In-path network functions enforcing policies like firewalls, IDSes, NATs, and TCP enhancing proxies are ubiquitous. They are deployed in various types of networks and bring obvious value to the Internet. Unfortunately, they also break important architectural principles and, consequently, make the Internet less flexible by preventing the use of advanced protocols, features, or options. In some scenarios, feature-disabling middlebox policies can lead to a performance shortfall. Moreover, middleboxes are also prone to enforce policies that disrupt transport control mechanisms, which can also have direct consequences in term of Quality-of-Service (QoS). In this paper, we investigate the impact of the most prevalent in-path impairments on the TCP protocol and its features. Using network experiments in a controlled environment, we quantify the QoS decreases and shortfall induced by feature-breaking middleboxes, and show that even in the presence of a fallback mechanism, TCP QoS remains affected. [less ▲]

Detailed reference viewed: 62 (9 ULiège)
Full Text
Peer Reviewed
See detailLet There Be Light: Revealing Hidden MPLS Tunnels with TNT
Luttringer, Jean-Romain; Vanaubel, Yves ULiege; Mérindol, Pascal et al

in IEEE Transactions on Network and Service Management (2020), 17(2), 1239-1253

Internet topology discovery aims at analyzing one of the most complex distributed systems currently deployed. Usually, it relies on measurement campaigns using hop-limited probes sent with traceroute ... [more ▼]

Internet topology discovery aims at analyzing one of the most complex distributed systems currently deployed. Usually, it relies on measurement campaigns using hop-limited probes sent with traceroute. However, this probing tool comes with several limits. In particular, some MPLS clouds might obfuscate collected traces. The resulting Internet maps, their inferred properties, and the graph models are thus incomplete and inaccurate. In this paper, we introduce TNT (Trace the Naughty Tunnels), an extension to Paris traceroute for revealing, or at least detect, all MPLS tunnels along a path. First, along with traceroute and ping probes, TNT looks for hints indicating the presence of hidden tunnels. Those hints are peculiar patterns in the resulting output, e.g., significant TTL shifts or duplicate IP addresses. Second, if those hints trigger alarms, TNT launches additional dedicated probing for possibly revealing hidden tunnels. We use GNS3 to reproduce, verify, and understand the limits and capabilities of TNT in a controlled environment. We also calibrate the thresholds at which alarms are triggered through a dedicated measurement campaign. Finally, we deploy TNT on the Archipelago platform and provide a quantified classification of MPLS configurations. All our results, including the data, the code, and the GNS3 experiments, are fully and publicly available. [less ▲]

Detailed reference viewed: 57 (6 ULiège)
Full Text
Peer Reviewed
See detailVirtual Insanity: Linear Subnet Discovery
Grailet, Jean-François ULiege; Donnet, Benoît ULiege

in IEEE Transactions on Network and Service Management (2020), 17(2), 1268-1281

Over the past two decades, the research community has developed many approaches to study the Internet topology. In particular, starting from 2007, various tools explored the inference of subnets, i.e ... [more ▼]

Over the past two decades, the research community has developed many approaches to study the Internet topology. In particular, starting from 2007, various tools explored the inference of subnets, i.e., sets of devices located on the same connection medium which can communicate directly with each other at the link layer. In this paper, we first discuss how today's traffic engineering policies increase the difficulty of subnet inference. We carefully characterize typical difficulties and quantify them in the wild. Next, we introduce WISE (Wide and lInear Subnet inferencE), a new tool which tackles those difficulties and discovers, in a linear time, large networks subnets. Based on two ground truth networks, we demonstrate that WISE outperforms state-of-the-art tools. Then, through large-scale measurements, we show that the selection of a vantage point with WISE has a marginal effect regarding accuracy. Finally, we discuss how subnets can be used to infer neighborhoods (i.e., aggregates of subnets located at most one hop from each other). We discuss how these neighborhoods can lead to bipartite models of the Internet and present validation results and an evaluation of neighborhoods in the wild, using WISE. Both our code and data are freely available. [less ▲]

Detailed reference viewed: 91 (16 ULiège)
Full Text
Peer Reviewed
See detailCAFE: Automatic Correction and Feedback of Programming Challenges for a CS1 Course
Liénardy, Simon ULiege; Leduc, Laurent ULiege; Verpoorten, Dominique ULiege et al

in ACM 22nd Australasian Computing Education Conference (ACE) (2020, February)

This paper introduces CAFE (``Correction Automatique et Feedback des Etudiants''), an on-line platform designed to assess and deliver automatic feedback and feedforward information to CS1 students, both ... [more ▼]

This paper introduces CAFE (``Correction Automatique et Feedback des Etudiants''), an on-line platform designed to assess and deliver automatic feedback and feedforward information to CS1 students, both on process and products of series of programming exercises, targeting especially an informal Loop Invariant for building the code. The paper reports on the first trials of CAFE with a group of 80 students. Results show that CAFE is used, usable, and appreciated by students. [less ▲]

Detailed reference viewed: 246 (43 ULiège)
Full Text
Peer Reviewed
See detailImplementation of IPv6 IOAM in Linux Kernel
Iurman, Justin ULiege; Donnet, Benoît ULiege; Brockners, Frank

in Netdev 0x14 (2020)

In-situ Operations, Administration and Maintenance (IOAM) is currently under standardization at the IETF. It allows for collecting telemetry and operational information along a path, within packets, as ... [more ▼]

In-situ Operations, Administration and Maintenance (IOAM) is currently under standardization at the IETF. It allows for collecting telemetry and operational information along a path, within packets, as part of an existing (possibly additional) header. This paper discusses the very first implementation of IOAM for the Linux kernel with IPv6 as encapsulation protocol. We also evaluate our implementation, available as open source, under a controlled environment. [less ▲]

Detailed reference viewed: 135 (24 ULiège)
Full Text
Peer Reviewed
See detailAll that Glitters is not Bitcoin - Unveiling the Centralized Nature of the BTC (IP) Network
Ben Mariem, Sami ULiege; Casas, Pedro; Romiti, Matteo et al

in IEEE/IFIP Network Operations and Management Symposium (NOMS) (2020)

Blockchains are typically managed by peer-to-peer (P2P) networks providing the support and substrate to the so-called distributed ledger (DLT), a replicated, shared, and synchronized data structure ... [more ▼]

Blockchains are typically managed by peer-to-peer (P2P) networks providing the support and substrate to the so-called distributed ledger (DLT), a replicated, shared, and synchronized data structure, geographically spread across multiple nodes. The Bitcoin (BTC) blockchain is by far the most well-known DLT, used to record transactions among peers, based on the BTC digital currency. In this paper we focus on the network side of the BTC P2P network, analyzing its nodes from a purely network measurements-based approach. We present a BTC crawler able to discover and track the BTC P2P network through active measurements, and use it to analyze its main properties. Through the combined analysis of multiple snapshots of the BTC network as well as by using other publicly available data sources on the BTC network and DLT, we unveil the BTC P2P network, locate its active nodes, study their performance, and track the evolution of the network over the past two years. Among other relevant findings, we show that (i) the size of the BTC network has remained almost constant during the last 12 months -- since the major BTC price drop in early 2018, (ii) most of the BTC P2P network resides in US and EU countries, and (iii) despite this western network locality, most of the mining activity and corresponding revenue is controlled by major mining pools located in China. By additionally analyzing the distribution of BTC coins among independent BTC entities (i.e., single BTC addresses or groups of BTC addresses controlled by the same actor), we also conclude that (iv) BTC is very far from being the decentralized and uncontrolled system it is so much advertised to be, with only 4.5% of all the BTC entities holding about 85% of all circulating BTC coins [less ▲]

Detailed reference viewed: 168 (29 ULiège)
Full Text
Peer Reviewed
See detailmmb: Flexible High-Speed Userspace Middleboxes
Edeline, Korian ULiege; Iurman, Justin ULiege; Soldani, Cyril ULiege et al

in Applied Networking Research Workshop (2019, July)

Nowadays, Internet actors have to deal with a strong increase in Internet traffic at many levels. One of their main challenge is building high-speed and efficient networking solutions. In such a context ... [more ▼]

Nowadays, Internet actors have to deal with a strong increase in Internet traffic at many levels. One of their main challenge is building high-speed and efficient networking solutions. In such a context, kernel-bypass I/O frameworks have become their preferred answer to the increasing bandwidth demands. Many works have been achieved, so far, all of them claiming to have succeeded in reaching line-rate for traffic forwarding. However, this claim does not hold for more complex packet processing. In addition, all those solutions share common drawbacks on either deployment flexibility or configurability and user-friendliness. This is exactly what we tackle in this paper by introducing mmb, a VPP middlebox plugin that allows, through an intuitive command-line interface, to easily build stateless and stateful classification and rewriting middleboxes. mmb makes a careful use of instruction caching and memory prefetching, in addition to other techniques used by other high-performance I/O frameworks. We compare mmb performance with other middlebox solutions, such as kernel-bypass framework and kernel-level optimized approach, for enforcing middleboxes policies (firewall, NAT, transport-level engineering). We demonstrate that mmb performs, generally, better than existing solutions, sustaining a line-rate processing while performing large numbers of complex policies [less ▲]

Detailed reference viewed: 80 (23 ULiège)
Full Text
Peer Reviewed
See detailRevisiting Subnet Inference WISE-ly
Grailet, Jean-François ULiege; Donnet, Benoît ULiege

in TMA 2019 - Proceedings of the 3rd Network Traffic Measurement and Analysis Conference (2019, June 19)

Since the late 90’s, the Internet topology discovery has been an attractive and important research topic, leading, among others, to multiple probing and data analysis tools developed by the research ... [more ▼]

Since the late 90’s, the Internet topology discovery has been an attractive and important research topic, leading, among others, to multiple probing and data analysis tools developed by the research community. This paper looks at the particular problem of discovering subnets (i.e., a set of devices that are located on the same connection medium and that can communicate directly with each other at the link layer). In this paper, we first show that the use of traffic engineering policies may increase the difficulty of subnet inference. We carefully characterize those difficulties and quantify their prevalence in the wild. Next, we introduce WISE (Wide and lInear Subnet inferencE), a novel tool for subnet inference designed to deal with those issues and able to discover subnets on wide ranges of IP addresses in a linear time. Using two groundtruth networks, we demonstrate that WISE performs better than state-of-the-art tools while being competitive in terms of subnet accuracy. We also show, through large-scale measurements, that the selection of vantage point with WISE does not matter in terms of subnet accuracy. Finally, all our code (WISE, data processing, results plotting) and collected data are freely available. [less ▲]

Detailed reference viewed: 73 (24 ULiège)