Maginot lines and tourniquets : on the defendability of national cyberspace

Abstract

National governments know the Internet as both a blessing and a headache. On the one hand, it unlocks great economic and strategic opportunity. On the other hand, government, military, or emergency-services become vulnerable to scans (Shodan), attacks (DDoS from botnets like Mirai), etc., when made accessible on the Internet. How hard is it for a national government to effectively secure its entire cyberspace? We approach this problem from the view that a coordinated defense involves monitors and access control (firewalls etc.) to inspect traffic entering or leaving the country, as well as internal traffic. In several case studies, we consistently find a natural Line of Defense — a small number of Autonomous Systems (ASes) that intercept most (> 95%) network paths in the country. We conclude that in many countries, the structure of the Internet actually makes it practical to build a nation-scale cordon, to detect and filter cyber attacks.