2014-houmansadr-no
findings extracted from this paper
-
Under the RAD attack a large fraction of China's routes to Internet destinations shift to non-valley-free (NVF) paths, which impose direct monetary costs because ASes must pay for traffic they would normally earn revenue transiting. Among valley-free paths that survive, 6%–21% switch to less-preferred (more expensive) routes, 20%–43% become longer, and average path length increases by 1.12×–1.40× depending on placement strategy.
-
Even under the most censor-favorable (random-no-ring-1) decoy placement, launching the RAD attack increases average Internet route latency from China by over 4×; under strategic placements the average latency increase factor reaches 8×. These increases arise because RBGP is forced onto lower-capacity, less-popular transit ASes even when path hop-count is unchanged.
-
The feasibility of the RAD attack scales sharply with the censor's network connectivity. Strategic placement of decoys in just 1% of ASes disconnects China from 18% of Internet destinations, Venezuela from 54%, and Syria from 87%. Countries with fewer controlled ASes and ring ASes have dramatically less routing flexibility and are far more vulnerable to even small decoy deployments.
-
The RAD attack requires converting a large number of Chinese edge ASes into transit ASes: placing decoys in 2% of global ASes (random-no-ring-1, China-World scenario) forces 59 edge ASes to become transit ASes, nearly doubling China's 30 existing transit ASes. One Chinese transit AS must carry approximately 122× its normal load; the abstract reports a peak of 2,800× in a more aggressive scenario, a threshold the paper considers operationally infeasible.
-
The RAD paper's random decoy placement is heavily biased in favor of the censor: 86.2% of all Internet ASes are edge ASes with customer cone size 1, so random selection rarely hits transit ASes. Replacing random with sorted-no-ring placement (decoys chosen from ASes that appear most on adversary BGP routes) disconnects China from 30% of Internet destinations using only 2% decoy coverage, versus the 4% disconnection reported in the original RAD paper.