The RIPE NCC Community Projects Fund opened its call for applications in July 2019. The application period was open for 8 weeks and more than 45 applications from 23 different countries were submitted to the selection committee.
The RIPE NCC Community Projects Fund Selection Committee has reviewed the applications and is happy to announce that the following seven projects have been selected as the 2019 recipients of the RIPE NCC Community Projects Fund.
Congratulations to the selected projects!
IP squatting is the hijacking of unallocated IP address space by malicious networks that use this attack to number botnet command and control hosts, and spam relays with temporary addresses, in order to hinder their detectability and trackability, with IXP prefixes and transferred IP prefixes being particularly vulnerable. These bogus advertisements are often realised as spear attacks, namely highly targeted bogus advertisements to evade detection.The aim of the project is to develop the necessary techniques to enable predictive capabilities in the detection and mitigation of these emerging threats that currently cannot be addressed by the existing tools.
Institute of Computer Science (ICS), Foundation for Research and Technology - Hellas (FORTH)
This project will extend the ARTEMIS open-source tool (funded by the Community Projects Fund in 2017) that performs real-time detection and mitigation of BGP prefix hijacks. ARTEMIS utilises control-plane information from network-external (e.g., RIPE RIS, RouteViews, CAIDA BMP) and local route collectors (e.g., exaBGP), as well as network-specific contextual knowledge supplied by the network operator (such as IP prefix origination, AS-AS peerings, etc.). The project will enrich the functionality of ARTEMIS to evaluate and monitor the impact of a BGP prefix hijacking incident on the data plane. Data-plane monitoring will be enabled through traceroutes to affected IP prefixes. This includes developing a methodology to select the best set of RIPE Atlas probes to launch traceroutes, based on the victim AS, the hijacker AS, and the hijack type.
The Internet consists of more than 65k autonomous networks which work together based on mutual trust. Some of these networks include fake ASNs that are responsible for malicious traffic (spam, botnet, DDoS). The ASNR project aims to create a ‘looking glass’ that can be used by the Internet community to search and display ASNs action and quickly detect fake ASNs.
Cryptofuzz, C++, open source (GPL3), leverages fuzzing to find security bugs in cryptography libraries. Results of operations (eg., cryptographic hashing, symmetric encryption) are compared with the output of other libraries performing the same operation in order to find implementation anomalies.
The Tor Project
The Tor Project wants to step-up their IPv6 support by improving their software and increasing the number of Tor network relays that support IPv6. As a result of this work, all IPv6-first or IPv6-only users in the RIPE region will have a more reliable experience on the Tor network. This project can have an instantaneous benefit for censored users: some censorship equipment only supports IPv4, so having IPv6 support on the Tor network immediately creates broader access to censorship circumvention. Over time, this project has the potential to impact the one million plus daily Tor users in the RIPE service region.
IRRexplorer allows network operators to explore IRR, BGP and RPKI data, and the consistency between these sources. Misconfigurations or rogue entries in any of these data sources can have an operational impact, such as increased vulnerability to BGP hijacks and increased chances of down time. Therefore it’s important for operators to be aware of issues and be assisted in resolving them. The IRRexplorer provides feedback to network operators on what they can potentially improve on. For example, which old route objects could be deleted or which IRR database is the best for a given prefix to register route announcements.
This project looks at the quality of, and discrepancies between RPKI repositories to enable operator to troubleshoot their Certificate Authority and Relying Party software deployment. With the increasing adoption of the Resource Public Key Infrastructure (RPKI) for BGP origin validation, the quality of data inside RPKI repositories directly affects the state of the Internet more each day. However, analysis and monitoring tools for this data, are not available to the community yet. This project will invest in researching the state of RPKI repositories to ensure a healthy RPKI ecosystem for the whole community.
We’d like to thank everyone that showed interest in the fund.