Virginia Tech Introduces ASINT: Advancing ASN Mapping for Internet Operations

Virginia Tech researchers have unveiled a groundbreaking tool called ASINT, designed to revolutionize the way Autonomous System Numbers (ASNs) are mapped to their corresponding organizations. This innovative tool enhances previous mapping methodologies by combining routing metadata from sources like Whois, PeeringDB, corporate websites, and merger and acquisition records with sophisticated analysis pipelines. While building on datasets such as CAIDA’s AS2ORG, ASINT aims to provide broader coverage with a sharper focus on operational use cases. This cutting-edge resource offers organizations a deeper understanding of their ASN landscape while addressing critical operational challenges in internet infrastructure.

How ASINT Revolutionizes ASN Mapping

ASINT takes a unique approach to ASN mapping by combining comprehensive data aggregation with rigorous analysis pipelines. The tool processes routing metadata at a massive scale, effectively mapping 111,470 ASNs into 81,233 organizational families in its current snapshot. This impressive scale is achieved by pushing large datasets through curated contexts for efficient inference. The result is a powerful tool that delivers an accurate and scalable solution for network operators, researchers, and others who rely on accurate ASN attribution for their operations.

One of the revolutionary aspects of ASINT is its ability to identify anomalies that may otherwise be misclassified. For instance, between January 2023 and July 2024, ASINT analyzed 17,282 Border Gateway Protocol (BGP) anomaly alerts, identifying 1,621 (approximately 9.4%) as likely legitimate internal re-announcements. Operator feedback confirmed that these were indeed internal, intra-organization events rather than external hijacks. Such insights provide clearer distinctions and help enhance operational efficiency across the internet ecosystem.

The Importance of Accurate ASN Attribution

Accurately mapping ASNs to their real operators is a crucial element for various Internet operations, including security and anomaly detection. Tools like ASINT are not just academic exercises; they have real-world applications. Services such as Cloudflare Radar often flag mismatches between origin ASNs and Route Origin Authorizations (ROAs), which can be misinterpreted as malicious hijacking. ASINT bridges this gap by identifying legitimate internal re-announcements, minimizing false alarms and improving the reliability of these systems.

Furthermore, tools like ASINT are essential for maintaining a healthy internet ecosystem. Researchers and network operators can use the tool to validate ASN mappings, ensuring that datasets are accurate and actionable. By offering a scalable and accessible solution, ASINT contributes to the broader efforts of the global internet community in improving transparency and security.

How Operators Can Contribute and Future Plans

The development team behind ASINT is actively seeking feedback from network operators to further enhance the tool’s accuracy. Operators are encouraged to provide data, particularly ground-truth lists from their networks, which can help refine and strengthen the dataset. Feedback can be submitted directly on the ASINT website or via email to the team. By fostering collaboration between academia and the community, ASINT aims to continually evolve to meet the challenges of a rapidly changing internet landscape.

ASINT is designed as a complementary resource rather than a replacement for existing datasets and community-curated efforts. The researchers also plan to incorporate corrections based on operator feedback and regularly update the tool to reflect the latest findings. Its ability to provide accurate, real-time mapping ensures it will remain an invaluable resource for operators and researchers alike in the field of internet infrastructure.