Internet topology and performance analytics for mapping critical network infrastructure
|
|
- Brent Parrish
- 8 years ago
- Views:
Transcription
1 CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Internet topology and performance analytics for mapping critical network infrastructure CAIDA/UCSD PI k claffy December
2 Team Profile Center for Applied Internet Data Analysis (CAIDA) Founded by PI and Director k claffy Independent analysis and research group 15+ years experience in data collection, curation, and research Known for data collection tools, analysis, and data sharing located at the UC San Diego s Supercomputer Center Key personnel: Bradley Huffaker, Young Hyun, Marina Fomenkov, Josh Polterock, Ken Keys, Matthew Luckie 2
3 Need: Situational Awareness of Internet Fundamental Global Cybersecurity Challenge The Internet s scope and complexity is growing faster than our capability to understand or measure its structure, dynamics, or vulnerabilities. [46k independent networks: typically commercial, competitive, opaque] 3
4 Approach: Infrastructure, Data, Analytics 1. Design, implement, validate measurement algorithms Sustainable and scalable system design 2. Deploy and manage measurement infrastructure 106+ Archipelago monitors (38 IPv6, 58 Pi s, 36 RadClock) Continually and comprehensively probe IP address space 3. Apply algorithms and infrastructure to improve integrity and scope of maps Derive router- and AS-level topologies Curated data kits shared with researchers (ITDK) 4. Inform real-world problems with better understanding of the Internet s structure, routing dynamics, performance, and vulnerabilities 4
5 Approach: Increase Completeness, Accuracy and Richness of Topology Map AS Ranking by Customer Cones (BCP38) Archipelago Router-level map PoP- level map Operator valida0on 5
6 Approach: Curate Data to Enable Others Synthesize data to curate Internet Topology Data Kit Augment with BGP, DNS lookups, geolocation data, other sources of trace route data Derived: IP paths, AS paths, router aliases Results: relationship-aware AS graph; AS-to- Organization mappings; router graph including geolocation & ownership [Eventually] support interactive use of data kit 6
7 Approach: ITDK WorkFlow cyberspace is complicated! Center for Applied Internet Data Analysis ITDK: Internet Topology Data Kit Process IP traceroute BGP looking servers glass servers BGP BGP looking glass glass servers BGP Collectors CAIDA DDec Internet digital envoy Netacuity MAXMIND GeoLite City DNS DNS servers servers data collectors data servers CAIDA A rchipelago scamper MIDAR data files data processes iffinder geographic IPv4 address geolocation AS level BGP paths geographic IPv4 address geolocation DNS HostDB hostnames IP level Ark traces MIDAR router aliases Iffinder AS relationship complex AS relationship multi-lateral peering AS relationship peering from traceroute AS Relationship conventional Geolocation process DRoP hostname decode AS Assignment process Filter IP Hostnames process kapar process AS relationships conventional peering AS relationships conventional AS relationships complex new AS relationships conventional AS graph AS customer cone ITDK Datasets router geolocation router AS assignment hostnames router graph nodes links 7
8 Benefits: Enabling Wide Range of Security and Stability Research router topology mapping and validation architecting interdomain atlas of congestion Structure business relationship inference and validation filter policy congruity scalable measurement systems Performance Security mapping of fragility evolution of advanced TCP features understanding TCP s resilience to attacks forged address detection and mitigation
9 Benefits: Broader Impact macroscopic topology, AS rank Network intelligence: prefix hijacking, outages broader impacts Network intelligence: TreasureMap TR: DNS server placement CCS: routing bottlenecks IMC: mapping google expansion PAM: policy violations IMC: MPLS deployment TR: defend against Tor adversaries IMC: router fingerprinting IMC: ECN readiness PAM: traceroute pitfalls 9
10 Macroscopic Internet Graph 2014 (v4,6) 10
11 Competition Related Work In academics, we view as related work rather than competition and try to reduce unnecessary redundancy. RIPE Atlas ( Internet Atlas ( iplane datasets ( DIMES ( zmap ( Renesys ( recently acquired by Dyn 11
12 Current Status: Recent achievements (infrastructure, software/services, data) Deployed 27 Ark nodes (2014) bringing total to 106 Implemented & deployed Dolphin: bulk DNS resolution tool public release of DNS Decoder (DDec) automated hostnamebased geolocation data store and feedback collection service released beta version of interactive intermediate (PoP/citylevel) map validation functionality for testing & feedback (Apr) produced new AS classification derived from: darknet traffic data, AS-relationships, BGP announcements, peeringdb released April 2014 Internet Topology Data Kit (ITDK), with router and BGP-derived AS level topology published AS Core Topology Graph poster for 2014 new interactive data interface (caida.org tab) 12
13 Current Status: Recent achievements (publications, workshops, predictions) two papers at IMC2014 (&TPRC14): Fine-Grained AS Relationship Inference and Challenges in Inferring Internet Interdomain Congestion ACM SIGCOMM CCR papers on DNS-based router positioning (DRoP), spurious routes in BGP data two papers to appear PAM2015: IPv6 AS Relationships, Clique, and Congruence, Measuring and Characterizing IPv6 Router Availability (collaboration with NPS.edu) invited panel (slides&video online): Internet Architecture Innovation: 2020 and 2030, Duke Law s Center for Innovation Policy Forum Active Internet Measurement Workshop (AIMS2014) Workshop on Internet Economics (WIE2014) New CAIDA program plan
14 Next Steps: CAIDA Interactive Interactive views of data that allows users to: Learn from annotated Internet data Provide feedback on analysis & inference methods Execute on-demand measurements Correlate with other data sources Aiming for user-friendly interface to topology data and infrastructure AS Rank as-rank.caida.org DDec ddec.caida.org DatCat CHARTH USE charthouse.caida.org Vela vela.caida.org 14
15 Contact Information k claffy kc@caida.org 15
High-Frequency Active Internet Topology Mapping
High-Frequency Active Internet Topology Mapping Cyber Security Division 2012 Principal Investigators Meeting October 10, 2012 Robert Beverly Assistant Professor Naval Postgraduate School rbeverly@nps.edu
More informationInternet Mapping: from Art to Science
Internet Mapping: from Art to Science Kimberly Claffy Young Hyun Ken Keys Marina Fomenkov Dmitri Krioukov Cooperative Association for Internet Data Analysis, San Diego Supercomputer Center, University
More informationThe Joint Degree Distribution as a Definitive Metric of the Internet AS-level Topologies
The Joint Degree Distribution as a Definitive Metric of the Internet AS-level Topologies Priya Mahadevan, Dimitri Krioukov, Marina Fomenkov, Brad Huffaker, Xenofontas Dimitropoulos, kc claffy, Amin Vahdat
More informationThe digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand).
http://waikato.researchgateway.ac.nz/ Research Commons at the University of Waikato Copyright Statement: The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand). The thesis
More informationAnalyzing and modelling the AS-level Internet topology
Analyzing and modelling the AS-level Internet topology Shi Zhou & Raul J. Mondragon Department of Electronic Engineering Queen Mary, University of London Mile End Road, London, E1 4NS, United Kingdom Email:
More informationStudying Black Holes on the Internet with Hubble
Studying Black Holes on the Internet with Hubble Ethan Katz-Bassett, Harsha V. Madhyastha, John P. John, Arvind Krishnamurthy, David Wetherall, Thomas Anderson University of Washington August 2008 This
More informationA Study on Traceroute Potentiality in Revealing the Internet AS-level Topology
A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology Adriano Faggiani, Enrico Gregori, Alessandro Improta, Luciano Lenzini, Valerio Luconi, Luca Sani Information Engineering Department,
More informationRecent Results in Network Mapping: Implications on Cybersecurity
Recent Results in Network Mapping: Implications on Cybersecurity Robert Beverly, Justin Rohrer, Geoffrey Xie Naval Postgraduate School Center for Measurement and Analysis of Network Data (CMAND) July 27,
More informationEmbedded BGP Routing Monitoring. Th. Lévy O. Marcé
Embedded BGP Routing Monitoring Th. Lévy O. Marcé Introduction & Motivations Off-line BGP routing monitoring initiatives (i.e based on router logs) already exist: Periodic report : The CIDR Report Objective
More informationActive Measurements: traceroute
Active Measurements: traceroute 1 Tools: Traceroute Exploit TTL (Time to Live) feature of IP When a router receives a packet with TTL=1, packet is discarded and ICMP_time_exceeded returned to sender Operational
More informationDistributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 23. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2015 November 17, 2015 2014-2015 Paul Krzyzanowski 1 Motivation Serving web content from one location presents
More informationOn the Impact of Route Monitor Selection
On the Impact of Route Monitor Selection Ying Zhang Zheng Zhang Z. Morley Mao Y. Charlie Hu Bruce M. Maggs Univ. of Michigan Purdue Univ. Univ. of Michigan Purdue Univ. Carnegie Mellon and Akamai Tech.
More informationOn the Eyeshots of BGP Vantage Points
On the Eyeshots of BGP Vantage Points Kai Chen, Chengchen Hu, Wenwen Zhang, Yan Chen, Bin Liu Northwestern University, Tsinghua University, University of Illinois at Chicago {kchen, ychen}@northwestern.edu,
More informationMultihoming and Multi-path Routing. CS 7260 Nick Feamster January 29. 2007
Multihoming and Multi-path Routing CS 7260 Nick Feamster January 29. 2007 Today s Topic IP-Based Multihoming What is it? What problem is it solving? (Why multihome?) How is it implemented today (in IP)?
More informationDistributed Systems. 25. Content Delivery Networks (CDN) 2014 Paul Krzyzanowski. Rutgers University. Fall 2014
Distributed Systems 25. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2014 November 16, 2014 2014 Paul Krzyzanowski 1 Motivation Serving web content from one location presents
More informationOn the Impact of Route Monitor Selection
On the Impact of Route Monitor Selection Ying Zhang Zheng Zhang Z. Morley Mao Y. Charlie Hu Bruce Maggs Univ. of Michigan Purdue Univ. Univ. of Michigan Purdue Univ. CMU Paper ID: E-578473438 Number of
More informationEfficient Discovery of Load-Balanced Paths. Alistair King al@bellstreet.co.nz
Efficient Discovery of Load-Balanced Paths Alistair King al@bellstreet.co.nz Load-Balancer Traceroute Gives confidence that the complete topology has been discovered. Probes each TTL repeatedly to discover
More informationEfficient Doubletree: An Algorithm for Large-Scale Topology Discovery
Middle-East Journal of Scientific Research 15 (9): 1264-1271, 2013 ISSN 1990-9233 IDOSI Publications, 2013 DOI: 10.5829/idosi.mejsr.2013.15.9.11480 Efficient Doubletree: An Algorithm for Large-Scale Topology
More informationA Second Look at Detecting Third-Party Addresses in Traceroute Traces with the IP Timestamp Option
A Second Look at Detecting Third-Party Addresses in Traceroute Traces with the IP Timestamp Option Matthew Luckie and kc claffy {mjl,kc}@caida.org CAIDA, UC San Diego, USA Abstract. Artifacts in traceroute
More informationMeasured Impact of Crooked Traceroute
Measured Impact of Crooked Traceroute Matthew Luckie Amogh Dhamdhere, kc claffy David Murrell Computer Science CAIDA Computer Science University of Waikato University of California, San Diego University
More informationOutline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats
Outline EE 22: Interdomain Routing Protocol (BGP) Ion Stoica TAs: Junda Liu, DK Moon, David Zats http://inst.eecs.berkeley.edu/~ee22/fa9 (Materials with thanks to Vern Paxson, Jennifer Rexford, and colleagues
More informationPORTOLAN. Probing the Internet through Smartphone-based Crowdsourcing
PORTOLAN Probing the Internet through Smartphone-based Crowdsourcing Adriano Faggiani, Enrico Gregori, Alessandro Improta, Luciano Lenzini, Valerio Luconi, Alessio Vecchio RIPE 67 Athens 14-18 October
More informationA Characterization of IPv6 Network Security Policy
A Characterization of IPv6 Network Security Policy Mark International Computer Science Institute MAPRG Meeting April 2016 Hey [IETF] I'm calling all stations Blowing down the wire tonight I'm singing through
More informationScalable NetFlow Analysis with Hadoop Yeonhee Lee and Youngseok Lee
Scalable NetFlow Analysis with Hadoop Yeonhee Lee and Youngseok Lee {yhlee06, lee}@cnu.ac.kr http://networks.cnu.ac.kr/~yhlee Chungnam National University, Korea January 8, 2013 FloCon 2013 Contents Introduction
More informationDetecting BGP hijacks in 2014
Detecting BGP hijacks in 2014 Guillaume Valadon & Nicolas Vivet Agence nationale de la sécurité des systèmes d information http://www.ssi.gouv.fr/en NSC - November 21th, 2014 ANSSI - Detecting BGP hijacks
More informationAmogh Dhamdhere. Cooperative Association for Internet Data Analysis 9500 Gilman Dr., Mail Stop 0505 amogh@caida.org La Jolla, CA 92093-0505
Amogh Dhamdhere Research Scientist 858-822-0882 (O) Cooperative Association for Internet Data Analysis 9500 Gilman Dr., Mail Stop 0505 amogh@caida.org La Jolla, CA 92093-0505 www.caida.org/ amogh Education
More informationSummary : Mapping Interconnection in the Internet: Colocation, Connectivity and Congestion
Summary: Mapping Interconnection in the Internet: Colocation, Connectivity and Congestion As the global Internet expands to satisfy the demands and expectations of an ever-increasing fraction of the world
More informationState of the Cloud DNS Report
transparency for the cloud State of the Cloud DNS Report Basic Edition April 2015 2015 Table of Contents Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare
More informationAS Relationships, Customer Cones, and Validation
AS Relationships, Customer Cones, and Validation Matthew Luckie CAIDA / UC San Diego mjl@caida.org Vasileios Giotsas University College London V.Giotsas@cs.ucl.ac.uk Bradley Huffaker CAIDA / UC San Diego
More informationCollecting the Internet AS-level Topology
Collecting the Internet AS-level Topology Beichuan Zhang, Raymond Liu Computer Science Dept. UCLA {bzhang, raymondl}@cs.ucla.edu Daniel Massey Computer Science Dept. Colorado State University massey@cs.colostate.edu
More informationState of the Cloud DNS Report
transparency for the cloud State of the Cloud DNS Report Basic Edition August 2015 2015 Table of Contents Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare
More informationPrimitives for Active Internet Topology Mapping: Toward High-Frequency Characterization
Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization Robert Beverly Naval Postgraduate School rbeverly@nps.edu Arthur Berger MIT CSAIL / Akamai awberger@csail.mit.edu
More informationCollapse by Cascading Failures in Hybrid Attacked Regional Internet
Collapse by Cascading Failures in Hybrid Attacked Regional Internet Ye Xu and Zhuo Wang College of Information Science and Engineering, Shenyang Ligong University, Shenyang China xuy.mail@gmail.com Abstract
More informationEfficient Doubletree: An Algorithm for Large-Scale Topology Discovery
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 13, Issue 3 (Jul. - Aug. 2013), PP 05-12 Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery
More informationYarrp ing the Internet
Yarrp ing the Internet Robert Beverly Naval Postgraduate School February 12, 2016 Active Internet Measurements (AIMS) Workshop R. Beverly (NPS) Yarrp AIMS 2016 1 / 17 Motivation Active Topology Probing
More informationSome Examples of Network Measurements
Some Examples of Network Measurements Example 1 Data: Traceroute measurements Objective: Inferring Internet topology at the router-level Example 2 Data: Traceroute measurements Objective: Inferring Internet
More informationInternet Infrastructure Measurement: Challenges and Tools
Internet Infrastructure Measurement: Challenges and Tools Internet Infrastructure Measurement: Challenges and Tools Outline Motivation Challenges Tools Conclusion Why Measure? Why Measure? Internet, with
More informationPublic Review for Revealing MPLS Tunnels Obscured from Traceroute. Benoit Donnet, Matthew Luckie, Pascal Mérindol, and Jean-Jacques Pansiot
a c m Public Review for Revealing MPLS Tunnels Obscured from Traceroute Benoit Donnet, Matthew Luckie, Pascal Mérindol, and Jean-Jacques Pansiot Multiprotocol Label Switching (MPLS) has been widely deployed
More informationDiscovering High-Impact Routing Events Using Traceroutes
ISCC 2015 IEEE Symposium on Computers and Communications Discovering High-Impact Routing Events Using Traceroutes Dept. of Engineering, Roma Tre University, Italy July 7th, 2015 Larnaca, Cyprus Joint work
More informationLivermore Computer Network Simulation Program
LLNL-CONF-524373 Livermore Computer Network Simulation Program P. D. Barnes, J. M. Brase, T. W. Canales, M. M. Damante, M. A. Horsley, D. R. Jefferson, R. A. Soltz January 25, 2012 LIvermore Computer Network
More informationA Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet
A Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet Marcelo D. D. Moreira, Rafael P. Laufer, Natalia C. Fernandes, and Otto Carlos M. B. Duarte Universidade Federal
More informationC HINA 1 is the country with the largest number of Internet
1908 IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 9, SEPTEMBER 2013 Topology Mapping and Geolocating for China s Internet Ye Tian, Member, IEEE, Ratan Dey, Student Member, IEEE,
More informationWeek 4 / Paper 1. Open issues in Interdomain Routing: a survey
Week 4 / Paper 1 Open issues in Interdomain Routing: a survey Marcelo Yannuzzi, Xavier Masip-Bruin, Olivier Bonaventure IEEE Network, Nov.-Dec. 2005, vol. 19, no. 6, pp. 49 56 Main point There are many
More informationTowards Autonomic DDoS Mitigation using Software Defined Networking
Towards Autonomic DDoS Mitigation using Software Defined Networking Authors: Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, Hervé Debar NDSS Workshop on Security of Emerging Networking Technologies (SENT
More informationMeasuring the Evolution of Internet Peering Agreements
Measuring the Evolution of Internet Peering Agreements Amogh Dhamdhere 1, Himalatha Cherukuru 2, Constantine Dovrolis 2, and Kc Claffy 1 CAIDA 1 Georgia Tech 2 {amogh,kc}@caida.org dovrolis@cc.gatech.edu
More informationEfficient Methodical Internet Topology Discovery
Efficient Methodical Internet Topology Discovery Alistair King Supervisor: Dr Matthew Luckie This report is submitted in partial fulfilment of the requirements for the degree of Bachelor of Computing and
More informationAfriNREN Project Literature Review
AfriNREN Project Literature Review Chantal Yang, UNIVERSITY OF CAPE TOWN Previous research on National Research and Education Networks (NRENs) in Africa has shown high latency in traffic exchange between
More informationLayer 1-Informed Internet Topology Measurement
Layer 1-Informed Internet Topology Measurement Ramakrishnan Durairajan University of Wisconsin-Madison rkrish@cs.wisc.edu Joel Sommers Colgate University jsommers@colgate.edu Paul Barford University of
More informationXPROBE-NG. What s new with upcoming version of the tool. Fyodor Yarochkin Armorize Technologies
XPROBE-NG What s new with upcoming version of the tool Fyodor Yarochkin Armorize Technologies Abstract Attacks trends analysis and network modern discovery requirements lazy scanning, application level
More informationTopology Discovery at the Router Level: A New Hybrid Tool Targeting ISP Networks
IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 29, NO. 9, OCTOBER 2011 1 Topology Discovery at the Router Level: A New Hybrid Tool Targeting ISP Networks Pietro Marchetta, Pascal Mérindol, Benoit
More informationInternet Traffic Trends A View from 67 ISPs
Internet Traffic Trends A View from 67 ISPs Craig Labovitz (labovit@arbor.net) Danny McPherson (danny@arbor.net) Scott Iekel-Johnson (scottij@arbor.net) Mike Hollyman (mhollyman@arbor.net) Internet Statistics
More informationMassive Cloud Auditing using Data Mining on Hadoop
Massive Cloud Auditing using Data Mining on Hadoop Prof. Sachin Shetty CyberBAT Team, AFRL/RIGD AFRL VFRP Tennessee State University Outline Massive Cloud Auditing Traffic Characterization Distributed
More informationEfficient strategies for active interface-level network topology discovery
Calhoun: The NPS Institutional Archive Theses and Dissertations Thesis Collection 2013-09 Efficient strategies for active interface-level network topology discovery Baltra, Guillermo P. Monterey, California:
More informationWeb Caching and CDNs. Aditya Akella
Web Caching and CDNs Aditya Akella 1 Where can bottlenecks occur? First mile: client to its ISPs Last mile: server to its ISP Server: compute/memory limitations ISP interconnections/peerings: congestion
More informationTowards the Science of Network Measurement. Rocky K. C. Chang The Internet Infrastructure and Security Laboratory November 20, 2012
Towards the Science of Network Measurement Rocky K. C. Chang The Internet Infrastructure and Security Laboratory November 20, 2012 Network measurement problems Topology characterization Geolocation problems
More informationUnderstanding the topological properties of Internet traffic: a view from the edge
Understanding the topological properties of Internet traffic: a view from the edge Juan Antonio Cordero, Olivier Bonaventure ICTEAM, Université catholique de Louvain (Belgium) {juan.cordero olivier.bonaventure}@uclouvain.be
More informationTopology Mapping and Geolocating for China s Internet
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS 1 Topology Mapping and Geolocating for China s Internet Ye Tian, Member, IEEE, Ratan Dey, Student Member, IEEE, Yong Liu, Member, IEEE, Keith W. Ross,
More informationA Novel Packet Marketing Method in DDoS Attack Detection
SCI-PUBLICATIONS Author Manuscript American Journal of Applied Sciences 4 (10): 741-745, 2007 ISSN 1546-9239 2007 Science Publications A Novel Packet Marketing Method in DDoS Attack Detection 1 Changhyun
More informationAnalysis of Internet Topologies
Analysis of Internet Topologies Ljiljana Trajković ljilja@cs.sfu.ca Communication Networks Laboratory http://www.ensc.sfu.ca/cnl School of Engineering Science Simon Fraser University, Vancouver, British
More informationNetworking Research: Trends and Issues
1 Networking Research: Trends and Issues Deep Medhi Networking & Telecommunication Research (NeTReL) Computer Science & Electrical Engineering Department School of Computing & Engineering University of
More informationXPROBE. Building Efficient Network Discovery Tools. Fyodor Yarochkin
XPROBE Building Efficient Network Discovery Tools Fyodor Yarochkin Outline Introduction Some motivating stories: real-life attacks Efficient network mapping with Lazy Scan mode Layer 7 extensions Scripting
More informationChallenges in Inferring Internet Interdomain Congestion
Challenges in Inferring Internet Interdomain Congestion Matthew Luckie mjl@caida.org Bradley Huffaker bradley@caida.org Amogh Dhamdhere amogh@caida.org kc claffy kc@caida.org David Clark MIT ddc@csail.mit.edu
More informationUpon completion of this course, you will be able to perform the following tasks:
Course: Network Traffic Analysis Duration: 5 Day Lab & Lecture Course Price: $ 3,495.00 Description: Network Traffic Analysis will enable students to differentiate between normal and abnormal network traffic.
More informationLeveraging SDN and NFV in the WAN
Leveraging SDN and NFV in the WAN Introduction Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are two of the key components of the overall movement towards software defined
More informationBREAKING HTTPS WITH BGP HIJACKING. Artyom Gavrichenkov R&D Team Lead, Qrator Labs ag@qrator.net
BREAKING HTTPS WITH BGP HIJACKING Artyom Gavrichenkov R&D Team Lead, Qrator Labs ag@qrator.net ABSTRACT OVERVIEW OF BGP HIJACKING GLOBAL AND LOCAL HIJACKING HIJACKING A CERTIFICATE AUTHORITY MITIGATIONS
More informationMeasuring and Characterizing End-to-End Route Dynamics in the Presence of Load Balancing
Measuring and Characterizing End-to-End Route Dynamics in the Presence of Load Balancing Ítalo Cunha,2 Renata Teixeira 2,3 Christophe Diot Technicolor 2 UPMC Sorbonne Universités 3 CNRS Abstract Since
More informationEvaluation of a Large-Scale Topology Discovery Algorithm
Evaluation of a Large-Scale Topology Discovery Algorithm Benoit Donnet 12, Bradley Huffaker 2, Timur Friedman 1, and kc claffy 2 1 Université Pierre & Marie Curie Laboratoire LiP6/CNRS, UMR 7606, France
More informationSubnet Level Network Topology Mapping
Subnet Level Network Topology Mapping M. Engin Tozal, Student Member, IEEE, Kamil Sarac, Member, IEEE, Department of Computer Science, University of Texas at Dallas, TX 75080 U.S.A. {engintozal, ksarac}@utdallas.edu
More informationINTERNET TOPOLOGY DISCOVERY: A SURVEY
4TH QUARTER 2007, VOLUME 9, NO. 4 IEEE C OMMUNICATIONS SURVEYS T he Electronic Magazine of O riginal Peer-Reviewed Survey Articles www.comsoc.org/pubs/surveys INTERNET TOPOLOGY DISCOVERY: A SURVEY BENOIT
More informationDREAMER and GN4-JRA2 on GTS
GTS Tech+Futures Workshop (Copenhagen) GTS Tech+Futures Workshop (Copenhagen) DREAMER and GN4-JRA2 on GTS CNIT Research Unit of Rome University of Rome Tor Vergata Outline DREAMER (Distributed REsilient
More informationSituational Awareness Through Network Visualization
CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Situational Awareness Through Network Visualization Pacific Northwest National Laboratory Daniel M. Best Bryan Olsen 11/25/2014 Introduction
More informationperfsonar MDM release 3.0 - Product Brief
perfsonar MDM release 3.0 - Product Brief In order to provide the fast, reliable and uninterrupted network communication that users of the GÉANT 2 research networks rely on, network administrators must
More informationThe forces behind the changing Internet: IXPs, content delivery, and virtualization
The forces behind the changing Internet: IXPs, content delivery, and virtualization Prof. Steve Uhlig Head of Networks research group Queen Mary, University of London steve@eecs.qmul.ac.uk http://www.eecs.qmul.ac.uk/~steve/
More informationHow Akamai Maps the Net:
How Akamai Maps the Net: An Industry Perspective George Economou In 2010, everyone uses the Internet. Even if you don t browse the Web, your computer, DVD player, and other appliances try to pull uses
More informationTraffic delivery evolution in the Internet ENOG 4 Moscow 23 rd October 2012
Traffic delivery evolution in the Internet ENOG 4 Moscow 23 rd October 2012 January 29th, 2008 Christian Kaufmann Director Network Architecture Akamai Technologies, Inc. way-back machine Web 1998 way-back
More informationNetwork Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Resilience From Concepts to Experimentation FIRE Research Workshop - May 16 th 2011 Georg Carle, TU
More informationOutline. Outline. Outline
Network Forensics: Network Prefix Scott Hand September 30 th, 2011 1 What is network forensics? 2 What areas will we focus on today? Basics Some Techniques What is it? OS fingerprinting aims to gather
More informationThe Shape of the Network. The Shape of the Internet. Why study topology? Internet topologies. Early work. More on topologies..
The Shape of the Internet Slides assembled by Jeff Chase Duke University (thanks to and ) The Shape of the Network Characterizing shape : AS-level topology: who connects to whom Router-level topology:
More informationData Center Content Delivery Network
BM 465E Distributed Systems Lecture 4 Networking (cont.) Mehmet Demirci Today Overlay networks Data centers Content delivery networks Overlay Network A virtual network built on top of another network Overlay
More informationLimitations of Packet Measurement
Limitations of Packet Measurement Collect and process less information: Only collect packet headers, not payload Ignore single packets (aggregate) Ignore some packets (sampling) Make collection and processing
More informationAnalysis of Internet Topologies: A Historical View
Analysis of Internet Topologies: A Historical View Mohamadreza Najiminaini, Laxmi Subedi, and Ljiljana Trajković Communication Networks Laboratory http://www.ensc.sfu.ca/cnl Simon Fraser University Vancouver,
More informationInfluence Maps - a novel 2-D visualization of massive geographically distributed data sets Introduction Methodology Location Map.
Influence Maps - a novel 2-D visualization of massive geographically distributed data sets Bradley Huffaker, Marina Fomenkov, kc claffy CAIDA, University of California San Diego Introduction As the Internet
More informationActive Measurement Data Analysis Techniques
3/27/2000: This work is an Authors version, and has been submitted for publication. Copyright may be transferred without further notice and the accepted version may then be posted by the publisher. Active
More informationMPLS WAN Explorer. Enterprise Network Management Visibility through the MPLS VPN Cloud
MPLS WAN Explorer Enterprise Network Management Visibility through the MPLS VPN Cloud Executive Summary Increasing numbers of enterprises are outsourcing their backbone WAN routing to MPLS VPN service
More informationSDN and NFV in the WAN
WHITE PAPER Hybrid Networking SDN and NFV in the WAN HOW THESE POWERFUL TECHNOLOGIES ARE DRIVING ENTERPRISE INNOVATION rev. 110615 Table of Contents Introduction 3 Software Defined Networking 3 Network
More informationRequest Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS
White paper Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS June 2001 Response in Global Environment Simply by connecting to the Internet, local businesses transform themselves
More informationNetworks in the Broad. 2010 Carnegie Mellon University
Networks in the Broad What We Will Cover Introduction Your Network Fundamentals of networks, flow, and protocols Malicious traffic External Events & Trends Malware Networks in the Broad Working Together
More informationNETWORK TOPOLOGIES: INFERENCE, MODELING, AND GENERATION
2ND QUARTER 2008, VOLUME 10, NO. 2 IEEE COMMUNICATIONS SURVEYS www.comsoc.org/pubs/surveys NETWORK TOPOLOGIES: INFERENCE, MODELING, AND GENERATION HAMED HADDADI AND MIGUEL RIO, UNIVERSITY COLLEGE LONDON
More informationWorkshop on Infrastructure Security and Operational Challenges of Service Provider Networks
Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks Farnam Jahanian University of Michigan and Arbor Networks IFIP Working Group 10.4 June 29-30, 2006 What s the
More informationCisco IOS Flexible NetFlow Technology
Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application
More informationLOCAL-AREA PATH DIVERSITY IN THE INTERNET
LOCAL-AREA PATH DIVERSITY IN THE INTERNET Weihaw Chuang, Greg Johnson, Aditya Ojha, Nadya Williams and Joy Xin University of California San Diego 95 Gilman Drive, La Jolla, California 993 email: wchuang,
More informationVytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford
Vytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford Hosting and Cloud computing is on the rise Collocation hosting Cloud and data center hosting Different hosted applications have different
More informationBackbone Modeling for Carrying Local Content and Over-the-Top Traffic
White Paper Backbone Modeling for Carrying Local Content and Over-the-Top Traffic Decision-Making Criteria Using Cisco MATE Collector and Cisco MATE Design and Their Impact on Backbone Design What You
More informationHypothesis Testing for Network Security
Hypothesis Testing for Network Security Philip Godfrey, Matthew Caesar, David Nicol, William H. Sanders, Dong Jin INFORMATION TRUST INSTITUTE University of Illinois at Urbana-Champaign We need a science
More informationA Measurement of NAT & Firewall Characteristics in Peer to Peer Systems
A Measurement of NAT & Firewall Characteristics in Peer to Peer Systems L. D Acunto, J.A. Pouwelse, and H.J. Sips Department of Computer Science Delft University of Technology, The Netherlands l.dacunto@tudelft.nl
More informationOn Characterizing BGP Routing Table Growth Tian Bu, Lixin Gao, and Don Towsley University of Massachusetts, Amherst, MA 01003
On Characterizing BGP Routing Table Growth Tian Bu, Lixin Gao, and Don Towsley University of Massachusetts, Amherst, MA 0003 Abstract The sizes of the BGP routing tables have increased by an order of magnitude
More informationBloom Filter based Inter-domain Name Resolution: A Feasibility Study
Bloom Filter based Inter-domain Name Resolution: A Feasibility Study Konstantinos V. Katsaros, Wei Koong Chai and George Pavlou University College London, UK Outline Inter-domain name resolution in ICN
More informationLeveraging Internet Background Radiation for Opportunistic Network Analysis
Leveraging Internet Background Radiation for Opportunistic Network Analysis Karyn Benson, Alberto Dainotti, kc claffy, Alex C. Snoeren, Michael Kallitsis Computer Science and Engineering, UC San Diego
More informationTraffic & Peering Analysis
Traffic & Peering Analysis or how I learned to stop worrying and love route hijacking Pete Crocker pete@packetdesign.com Agenda Alternate methods of traffic / peering analysis Traffic Matrices Pros & Cons
More information