Internet topology and performance analytics for mapping critical network infrastructure

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Internet topology and performance analytics for mapping critical network infrastructure"

Transcription

1 CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Internet topology and performance analytics for mapping critical network infrastructure CAIDA/UCSD PI k claffy December

2 Team Profile Center for Applied Internet Data Analysis (CAIDA) Founded by PI and Director k claffy Independent analysis and research group 15+ years experience in data collection, curation, and research Known for data collection tools, analysis, and data sharing located at the UC San Diego s Supercomputer Center Key personnel: Bradley Huffaker, Young Hyun, Marina Fomenkov, Josh Polterock, Ken Keys, Matthew Luckie 2

3 Need: Situational Awareness of Internet Fundamental Global Cybersecurity Challenge The Internet s scope and complexity is growing faster than our capability to understand or measure its structure, dynamics, or vulnerabilities. [46k independent networks: typically commercial, competitive, opaque] 3

4 Approach: Infrastructure, Data, Analytics 1. Design, implement, validate measurement algorithms Sustainable and scalable system design 2. Deploy and manage measurement infrastructure 106+ Archipelago monitors (38 IPv6, 58 Pi s, 36 RadClock) Continually and comprehensively probe IP address space 3. Apply algorithms and infrastructure to improve integrity and scope of maps Derive router- and AS-level topologies Curated data kits shared with researchers (ITDK) 4. Inform real-world problems with better understanding of the Internet s structure, routing dynamics, performance, and vulnerabilities 4

5 Approach: Increase Completeness, Accuracy and Richness of Topology Map AS Ranking by Customer Cones (BCP38) Archipelago Router-level map PoP- level map Operator valida0on 5

6 Approach: Curate Data to Enable Others Synthesize data to curate Internet Topology Data Kit Augment with BGP, DNS lookups, geolocation data, other sources of trace route data Derived: IP paths, AS paths, router aliases Results: relationship-aware AS graph; AS-to- Organization mappings; router graph including geolocation & ownership [Eventually] support interactive use of data kit 6

7 Approach: ITDK WorkFlow cyberspace is complicated! Center for Applied Internet Data Analysis ITDK: Internet Topology Data Kit Process IP traceroute BGP looking servers glass servers BGP BGP looking glass glass servers BGP Collectors CAIDA DDec Internet digital envoy Netacuity MAXMIND GeoLite City DNS DNS servers servers data collectors data servers CAIDA A rchipelago scamper MIDAR data files data processes iffinder geographic IPv4 address geolocation AS level BGP paths geographic IPv4 address geolocation DNS HostDB hostnames IP level Ark traces MIDAR router aliases Iffinder AS relationship complex AS relationship multi-lateral peering AS relationship peering from traceroute AS Relationship conventional Geolocation process DRoP hostname decode AS Assignment process Filter IP Hostnames process kapar process AS relationships conventional peering AS relationships conventional AS relationships complex new AS relationships conventional AS graph AS customer cone ITDK Datasets router geolocation router AS assignment hostnames router graph nodes links 7

8 Benefits: Enabling Wide Range of Security and Stability Research router topology mapping and validation architecting interdomain atlas of congestion Structure business relationship inference and validation filter policy congruity scalable measurement systems Performance Security mapping of fragility evolution of advanced TCP features understanding TCP s resilience to attacks forged address detection and mitigation

9 Benefits: Broader Impact macroscopic topology, AS rank Network intelligence: prefix hijacking, outages broader impacts Network intelligence: TreasureMap TR: DNS server placement CCS: routing bottlenecks IMC: mapping google expansion PAM: policy violations IMC: MPLS deployment TR: defend against Tor adversaries IMC: router fingerprinting IMC: ECN readiness PAM: traceroute pitfalls 9

10 Macroscopic Internet Graph 2014 (v4,6) 10

11 Competition Related Work In academics, we view as related work rather than competition and try to reduce unnecessary redundancy. RIPE Atlas (http://atlas.ripe.net/) Internet Atlas (http://internetatlas.org/) iplane datasets (http://iplane.cs.washington.edu/data/data.html) DIMES (http://www.netdimes.org/) zmap (https://zmap.io/) Renesys (http://www.renesys.com/) recently acquired by Dyn 11

12 Current Status: Recent achievements (infrastructure, software/services, data) Deployed 27 Ark nodes (2014) bringing total to 106 Implemented & deployed Dolphin: bulk DNS resolution tool public release of DNS Decoder (DDec) automated hostnamebased geolocation data store and feedback collection service released beta version of interactive intermediate (PoP/citylevel) map validation functionality for testing & feedback (Apr) produced new AS classification derived from: darknet traffic data, AS-relationships, BGP announcements, peeringdb released April 2014 Internet Topology Data Kit (ITDK), with router and BGP-derived AS level topology published AS Core Topology Graph poster for 2014 new interactive data interface (caida.org tab) 12

13 Current Status: Recent achievements (publications, workshops, predictions) two papers at IMC2014 (&TPRC14): Fine-Grained AS Relationship Inference and Challenges in Inferring Internet Interdomain Congestion ACM SIGCOMM CCR papers on DNS-based router positioning (DRoP), spurious routes in BGP data two papers to appear PAM2015: IPv6 AS Relationships, Clique, and Congruence, Measuring and Characterizing IPv6 Router Availability (collaboration with NPS.edu) invited panel (slides&video online): Internet Architecture Innovation: 2020 and 2030, Duke Law s Center for Innovation Policy Forum Active Internet Measurement Workshop (AIMS2014) Workshop on Internet Economics (WIE2014) New CAIDA program plan

14 Next Steps: CAIDA Interactive Interactive views of data that allows users to: Learn from annotated Internet data Provide feedback on analysis & inference methods Execute on-demand measurements Correlate with other data sources Aiming for user-friendly interface to topology data and infrastructure AS Rank as-rank.caida.org DDec ddec.caida.org DatCat CHARTH USE charthouse.caida.org Vela vela.caida.org 14

15 Contact Information k claffy 15

High-Frequency Active Internet Topology Mapping

High-Frequency Active Internet Topology Mapping High-Frequency Active Internet Topology Mapping Cyber Security Division 2012 Principal Investigators Meeting October 10, 2012 Robert Beverly Assistant Professor Naval Postgraduate School rbeverly@nps.edu

More information

Internet Mapping: from Art to Science

Internet Mapping: from Art to Science Internet Mapping: from Art to Science Kimberly Claffy Young Hyun Ken Keys Marina Fomenkov Dmitri Krioukov Cooperative Association for Internet Data Analysis, San Diego Supercomputer Center, University

More information

The Joint Degree Distribution as a Definitive Metric of the Internet AS-level Topologies

The Joint Degree Distribution as a Definitive Metric of the Internet AS-level Topologies The Joint Degree Distribution as a Definitive Metric of the Internet AS-level Topologies Priya Mahadevan, Dimitri Krioukov, Marina Fomenkov, Brad Huffaker, Xenofontas Dimitropoulos, kc claffy, Amin Vahdat

More information

DRoP:DNS-based Router Positioning

DRoP:DNS-based Router Positioning DRoP:DNS-based Router Positioning Bradley Huffaker, Marina Fomenkov, kc claffy {bradley,marina,kc}@caida.org CAIDA, University of California, San Diego ABSTRACT In this paper we focus on geolocating Internet

More information

Bulk DNS Lookup Service

Bulk DNS Lookup Service Josh Polterock josh@caida.org CAIDA/WIDE Workshop January 19, 2008 Honolulu, HI USA Overview Motivation Bulk DNS Lookup Service Lookups of Topology Data Conclusions 2 Motivation DNS information is valuable

More information

The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand).

The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand). http://waikato.researchgateway.ac.nz/ Research Commons at the University of Waikato Copyright Statement: The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand). The thesis

More information

Studying Black Holes on the Internet with Hubble

Studying Black Holes on the Internet with Hubble Studying Black Holes on the Internet with Hubble Ethan Katz-Bassett, Harsha V. Madhyastha, John P. John, Arvind Krishnamurthy, David Wetherall, Thomas Anderson University of Washington August 2008 This

More information

Analyzing and modelling the AS-level Internet topology

Analyzing and modelling the AS-level Internet topology Analyzing and modelling the AS-level Internet topology Shi Zhou & Raul J. Mondragon Department of Electronic Engineering Queen Mary, University of London Mile End Road, London, E1 4NS, United Kingdom Email:

More information

Active Measurements: traceroute

Active Measurements: traceroute Active Measurements: traceroute 1 Tools: Traceroute Exploit TTL (Time to Live) feature of IP When a router receives a packet with TTL=1, packet is discarded and ICMP_time_exceeded returned to sender Operational

More information

Recent Results in Network Mapping: Implications on Cybersecurity

Recent Results in Network Mapping: Implications on Cybersecurity Recent Results in Network Mapping: Implications on Cybersecurity Robert Beverly, Justin Rohrer, Geoffrey Xie Naval Postgraduate School Center for Measurement and Analysis of Network Data (CMAND) July 27,

More information

A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology

A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology A Study on Traceroute Potentiality in Revealing the Internet AS-level Topology Adriano Faggiani, Enrico Gregori, Alessandro Improta, Luciano Lenzini, Valerio Luconi, Luca Sani Information Engineering Department,

More information

Embedded BGP Routing Monitoring. Th. Lévy O. Marcé

Embedded BGP Routing Monitoring. Th. Lévy O. Marcé Embedded BGP Routing Monitoring Th. Lévy O. Marcé Introduction & Motivations Off-line BGP routing monitoring initiatives (i.e based on router logs) already exist: Periodic report : The CIDR Report Objective

More information

Distributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015

Distributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015 Distributed Systems 23. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2015 November 17, 2015 2014-2015 Paul Krzyzanowski 1 Motivation Serving web content from one location presents

More information

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January 29. 2007

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January 29. 2007 Multihoming and Multi-path Routing CS 7260 Nick Feamster January 29. 2007 Today s Topic IP-Based Multihoming What is it? What problem is it solving? (Why multihome?) How is it implemented today (in IP)?

More information

Efficient Discovery of Load-Balanced Paths. Alistair King al@bellstreet.co.nz

Efficient Discovery of Load-Balanced Paths. Alistair King al@bellstreet.co.nz Efficient Discovery of Load-Balanced Paths Alistair King al@bellstreet.co.nz Load-Balancer Traceroute Gives confidence that the complete topology has been discovered. Probes each TTL repeatedly to discover

More information

On the Impact of Route Monitor Selection

On the Impact of Route Monitor Selection On the Impact of Route Monitor Selection Ying Zhang Zheng Zhang Z. Morley Mao Y. Charlie Hu Bruce M. Maggs Univ. of Michigan Purdue Univ. Univ. of Michigan Purdue Univ. Carnegie Mellon and Akamai Tech.

More information

On the Eyeshots of BGP Vantage Points

On the Eyeshots of BGP Vantage Points On the Eyeshots of BGP Vantage Points Kai Chen, Chengchen Hu, Wenwen Zhang, Yan Chen, Bin Liu Northwestern University, Tsinghua University, University of Illinois at Chicago {kchen, ychen}@northwestern.edu,

More information

Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery

Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery Middle-East Journal of Scientific Research 15 (9): 1264-1271, 2013 ISSN 1990-9233 IDOSI Publications, 2013 DOI: 10.5829/idosi.mejsr.2013.15.9.11480 Efficient Doubletree: An Algorithm for Large-Scale Topology

More information

Distributed Systems. 25. Content Delivery Networks (CDN) 2014 Paul Krzyzanowski. Rutgers University. Fall 2014

Distributed Systems. 25. Content Delivery Networks (CDN) 2014 Paul Krzyzanowski. Rutgers University. Fall 2014 Distributed Systems 25. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2014 November 16, 2014 2014 Paul Krzyzanowski 1 Motivation Serving web content from one location presents

More information

A Second Look at Detecting Third-Party Addresses in Traceroute Traces with the IP Timestamp Option

A Second Look at Detecting Third-Party Addresses in Traceroute Traces with the IP Timestamp Option A Second Look at Detecting Third-Party Addresses in Traceroute Traces with the IP Timestamp Option Matthew Luckie and kc claffy {mjl,kc}@caida.org CAIDA, UC San Diego, USA Abstract. Artifacts in traceroute

More information

On the Impact of Route Monitor Selection

On the Impact of Route Monitor Selection On the Impact of Route Monitor Selection Ying Zhang Zheng Zhang Z. Morley Mao Y. Charlie Hu Bruce Maggs Univ. of Michigan Purdue Univ. Univ. of Michigan Purdue Univ. CMU Paper ID: E-578473438 Number of

More information

Scalable NetFlow Analysis with Hadoop Yeonhee Lee and Youngseok Lee

Scalable NetFlow Analysis with Hadoop Yeonhee Lee and Youngseok Lee Scalable NetFlow Analysis with Hadoop Yeonhee Lee and Youngseok Lee {yhlee06, lee}@cnu.ac.kr http://networks.cnu.ac.kr/~yhlee Chungnam National University, Korea January 8, 2013 FloCon 2013 Contents Introduction

More information

State of the Cloud DNS Report

State of the Cloud DNS Report transparency for the cloud State of the Cloud DNS Report Basic Edition April 2015 2015 Table of Contents Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare

More information

State of the Cloud DNS Report

State of the Cloud DNS Report transparency for the cloud State of the Cloud DNS Report Basic Edition August 2015 2015 Table of Contents Overview Introduction 3 Anycast vs. Unicast DNS 3 Provider Overview & Current News 4 Provider Marketshare

More information

Yarrp ing the Internet

Yarrp ing the Internet Yarrp ing the Internet Robert Beverly Naval Postgraduate School February 12, 2016 Active Internet Measurements (AIMS) Workshop R. Beverly (NPS) Yarrp AIMS 2016 1 / 17 Motivation Active Topology Probing

More information

AS Relationships, Customer Cones, and Validation

AS Relationships, Customer Cones, and Validation AS Relationships, Customer Cones, and Validation Matthew Luckie CAIDA / UC San Diego mjl@caida.org Vasileios Giotsas University College London V.Giotsas@cs.ucl.ac.uk Bradley Huffaker CAIDA / UC San Diego

More information

Some Examples of Network Measurements

Some Examples of Network Measurements Some Examples of Network Measurements Example 1 Data: Traceroute measurements Objective: Inferring Internet topology at the router-level Example 2 Data: Traceroute measurements Objective: Inferring Internet

More information

Measured Impact of Crooked Traceroute

Measured Impact of Crooked Traceroute Measured Impact of Crooked Traceroute Matthew Luckie Amogh Dhamdhere, kc claffy David Murrell Computer Science CAIDA Computer Science University of Waikato University of California, San Diego University

More information

A Characterization of IPv6 Network Security Policy

A Characterization of IPv6 Network Security Policy A Characterization of IPv6 Network Security Policy Mark International Computer Science Institute MAPRG Meeting April 2016 Hey [IETF] I'm calling all stations Blowing down the wire tonight I'm singing through

More information

Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization

Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization Robert Beverly Naval Postgraduate School rbeverly@nps.edu Arthur Berger MIT CSAIL / Akamai awberger@csail.mit.edu

More information

Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery

Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 13, Issue 3 (Jul. - Aug. 2013), PP 05-12 Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery

More information

PORTOLAN. Probing the Internet through Smartphone-based Crowdsourcing

PORTOLAN. Probing the Internet through Smartphone-based Crowdsourcing PORTOLAN Probing the Internet through Smartphone-based Crowdsourcing Adriano Faggiani, Enrico Gregori, Alessandro Improta, Luciano Lenzini, Valerio Luconi, Alessio Vecchio RIPE 67 Athens 14-18 October

More information

Detecting BGP hijacks in 2014

Detecting BGP hijacks in 2014 Detecting BGP hijacks in 2014 Guillaume Valadon & Nicolas Vivet Agence nationale de la sécurité des systèmes d information http://www.ssi.gouv.fr/en NSC - November 21th, 2014 ANSSI - Detecting BGP hijacks

More information

Amogh Dhamdhere. Cooperative Association for Internet Data Analysis 9500 Gilman Dr., Mail Stop 0505 amogh@caida.org La Jolla, CA 92093-0505

Amogh Dhamdhere. Cooperative Association for Internet Data Analysis 9500 Gilman Dr., Mail Stop 0505 amogh@caida.org La Jolla, CA 92093-0505 Amogh Dhamdhere Research Scientist 858-822-0882 (O) Cooperative Association for Internet Data Analysis 9500 Gilman Dr., Mail Stop 0505 amogh@caida.org La Jolla, CA 92093-0505 www.caida.org/ amogh Education

More information

Outline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats

Outline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats Outline EE 22: Interdomain Routing Protocol (BGP) Ion Stoica TAs: Junda Liu, DK Moon, David Zats http://inst.eecs.berkeley.edu/~ee22/fa9 (Materials with thanks to Vern Paxson, Jennifer Rexford, and colleagues

More information

Public Review for Revealing MPLS Tunnels Obscured from Traceroute. Benoit Donnet, Matthew Luckie, Pascal Mérindol, and Jean-Jacques Pansiot

Public Review for Revealing MPLS Tunnels Obscured from Traceroute. Benoit Donnet, Matthew Luckie, Pascal Mérindol, and Jean-Jacques Pansiot a c m Public Review for Revealing MPLS Tunnels Obscured from Traceroute Benoit Donnet, Matthew Luckie, Pascal Mérindol, and Jean-Jacques Pansiot Multiprotocol Label Switching (MPLS) has been widely deployed

More information

Collapse by Cascading Failures in Hybrid Attacked Regional Internet

Collapse by Cascading Failures in Hybrid Attacked Regional Internet Collapse by Cascading Failures in Hybrid Attacked Regional Internet Ye Xu and Zhuo Wang College of Information Science and Engineering, Shenyang Ligong University, Shenyang China xuy.mail@gmail.com Abstract

More information

C HINA 1 is the country with the largest number of Internet

C HINA 1 is the country with the largest number of Internet 1908 IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 9, SEPTEMBER 2013 Topology Mapping and Geolocating for China s Internet Ye Tian, Member, IEEE, Ratan Dey, Student Member, IEEE,

More information

Livermore Computer Network Simulation Program

Livermore Computer Network Simulation Program LLNL-CONF-524373 Livermore Computer Network Simulation Program P. D. Barnes, J. M. Brase, T. W. Canales, M. M. Damante, M. A. Horsley, D. R. Jefferson, R. A. Soltz January 25, 2012 LIvermore Computer Network

More information

Collecting the Internet AS-level Topology

Collecting the Internet AS-level Topology Collecting the Internet AS-level Topology Beichuan Zhang, Raymond Liu Computer Science Dept. UCLA {bzhang, raymondl}@cs.ucla.edu Daniel Massey Computer Science Dept. Colorado State University massey@cs.colostate.edu

More information

Internet Infrastructure Measurement: Challenges and Tools

Internet Infrastructure Measurement: Challenges and Tools Internet Infrastructure Measurement: Challenges and Tools Internet Infrastructure Measurement: Challenges and Tools Outline Motivation Challenges Tools Conclusion Why Measure? Why Measure? Internet, with

More information

Efficient Methodical Internet Topology Discovery

Efficient Methodical Internet Topology Discovery Efficient Methodical Internet Topology Discovery Alistair King Supervisor: Dr Matthew Luckie This report is submitted in partial fulfilment of the requirements for the degree of Bachelor of Computing and

More information

Internet Traffic Trends A View from 67 ISPs

Internet Traffic Trends A View from 67 ISPs Internet Traffic Trends A View from 67 ISPs Craig Labovitz (labovit@arbor.net) Danny McPherson (danny@arbor.net) Scott Iekel-Johnson (scottij@arbor.net) Mike Hollyman (mhollyman@arbor.net) Internet Statistics

More information

Summary : Mapping Interconnection in the Internet: Colocation, Connectivity and Congestion

Summary : Mapping Interconnection in the Internet: Colocation, Connectivity and Congestion Summary: Mapping Interconnection in the Internet: Colocation, Connectivity and Congestion As the global Internet expands to satisfy the demands and expectations of an ever-increasing fraction of the world

More information

Massive Cloud Auditing using Data Mining on Hadoop

Massive Cloud Auditing using Data Mining on Hadoop Massive Cloud Auditing using Data Mining on Hadoop Prof. Sachin Shetty CyberBAT Team, AFRL/RIGD AFRL VFRP Tennessee State University Outline Massive Cloud Auditing Traffic Characterization Distributed

More information

Layer 1-Informed Internet Topology Measurement

Layer 1-Informed Internet Topology Measurement Layer 1-Informed Internet Topology Measurement Ramakrishnan Durairajan University of Wisconsin-Madison rkrish@cs.wisc.edu Joel Sommers Colgate University jsommers@colgate.edu Paul Barford University of

More information

Discovering High-Impact Routing Events Using Traceroutes

Discovering High-Impact Routing Events Using Traceroutes ISCC 2015 IEEE Symposium on Computers and Communications Discovering High-Impact Routing Events Using Traceroutes Dept. of Engineering, Roma Tre University, Italy July 7th, 2015 Larnaca, Cyprus Joint work

More information

Week 4 / Paper 1. Open issues in Interdomain Routing: a survey

Week 4 / Paper 1. Open issues in Interdomain Routing: a survey Week 4 / Paper 1 Open issues in Interdomain Routing: a survey Marcelo Yannuzzi, Xavier Masip-Bruin, Olivier Bonaventure IEEE Network, Nov.-Dec. 2005, vol. 19, no. 6, pp. 49 56 Main point There are many

More information

Topology Discovery at the Router Level: A New Hybrid Tool Targeting ISP Networks

Topology Discovery at the Router Level: A New Hybrid Tool Targeting ISP Networks IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 29, NO. 9, OCTOBER 2011 1 Topology Discovery at the Router Level: A New Hybrid Tool Targeting ISP Networks Pietro Marchetta, Pascal Mérindol, Benoit

More information

A Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet

A Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet A Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet Marcelo D. D. Moreira, Rafael P. Laufer, Natalia C. Fernandes, and Otto Carlos M. B. Duarte Universidade Federal

More information

Towards Autonomic DDoS Mitigation using Software Defined Networking

Towards Autonomic DDoS Mitigation using Software Defined Networking Towards Autonomic DDoS Mitigation using Software Defined Networking Authors: Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, Hervé Debar NDSS Workshop on Security of Emerging Networking Technologies (SENT

More information

Leveraging SDN and NFV in the WAN

Leveraging SDN and NFV in the WAN Leveraging SDN and NFV in the WAN Introduction Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are two of the key components of the overall movement towards software defined

More information

Topology Mapping and Geolocating for China s Internet

Topology Mapping and Geolocating for China s Internet IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS 1 Topology Mapping and Geolocating for China s Internet Ye Tian, Member, IEEE, Ratan Dey, Student Member, IEEE, Yong Liu, Member, IEEE, Keith W. Ross,

More information

Understanding the topological properties of Internet traffic: a view from the edge

Understanding the topological properties of Internet traffic: a view from the edge Understanding the topological properties of Internet traffic: a view from the edge Juan Antonio Cordero, Olivier Bonaventure ICTEAM, Université catholique de Louvain (Belgium) {juan.cordero olivier.bonaventure}@uclouvain.be

More information

XPROBE-NG. What s new with upcoming version of the tool. Fyodor Yarochkin Armorize Technologies

XPROBE-NG. What s new with upcoming version of the tool. Fyodor Yarochkin Armorize Technologies XPROBE-NG What s new with upcoming version of the tool Fyodor Yarochkin Armorize Technologies Abstract Attacks trends analysis and network modern discovery requirements lazy scanning, application level

More information

Measuring the Evolution of Internet Peering Agreements

Measuring the Evolution of Internet Peering Agreements Measuring the Evolution of Internet Peering Agreements Amogh Dhamdhere 1, Himalatha Cherukuru 2, Constantine Dovrolis 2, and Kc Claffy 1 CAIDA 1 Georgia Tech 2 {amogh,kc}@caida.org dovrolis@cc.gatech.edu

More information

AfriNREN Project Literature Review

AfriNREN Project Literature Review AfriNREN Project Literature Review Chantal Yang, UNIVERSITY OF CAPE TOWN Previous research on National Research and Education Networks (NRENs) in Africa has shown high latency in traffic exchange between

More information

Challenges in Inferring Internet Interdomain Congestion

Challenges in Inferring Internet Interdomain Congestion Challenges in Inferring Internet Interdomain Congestion Matthew Luckie mjl@caida.org Bradley Huffaker bradley@caida.org Amogh Dhamdhere amogh@caida.org kc claffy kc@caida.org David Clark MIT ddc@csail.mit.edu

More information

DREAMER and GN4-JRA2 on GTS

DREAMER and GN4-JRA2 on GTS GTS Tech+Futures Workshop (Copenhagen) GTS Tech+Futures Workshop (Copenhagen) DREAMER and GN4-JRA2 on GTS CNIT Research Unit of Rome University of Rome Tor Vergata Outline DREAMER (Distributed REsilient

More information

Measuring and Characterizing End-to-End Route Dynamics in the Presence of Load Balancing

Measuring and Characterizing End-to-End Route Dynamics in the Presence of Load Balancing Measuring and Characterizing End-to-End Route Dynamics in the Presence of Load Balancing Ítalo Cunha,2 Renata Teixeira 2,3 Christophe Diot Technicolor 2 UPMC Sorbonne Universités 3 CNRS Abstract Since

More information

LOCAL-AREA PATH DIVERSITY IN THE INTERNET

LOCAL-AREA PATH DIVERSITY IN THE INTERNET LOCAL-AREA PATH DIVERSITY IN THE INTERNET Weihaw Chuang, Greg Johnson, Aditya Ojha, Nadya Williams and Joy Xin University of California San Diego 95 Gilman Drive, La Jolla, California 993 email: wchuang,

More information

perfsonar MDM release 3.0 - Product Brief

perfsonar MDM release 3.0 - Product Brief perfsonar MDM release 3.0 - Product Brief In order to provide the fast, reliable and uninterrupted network communication that users of the GÉANT 2 research networks rely on, network administrators must

More information

Subnet Level Network Topology Mapping

Subnet Level Network Topology Mapping Subnet Level Network Topology Mapping M. Engin Tozal, Student Member, IEEE, Kamil Sarac, Member, IEEE, Department of Computer Science, University of Texas at Dallas, TX 75080 U.S.A. {engintozal, ksarac}@utdallas.edu

More information

Limitations of Packet Measurement

Limitations of Packet Measurement Limitations of Packet Measurement Collect and process less information: Only collect packet headers, not payload Ignore single packets (aggregate) Ignore some packets (sampling) Make collection and processing

More information

Active Measurement Data Analysis Techniques

Active Measurement Data Analysis Techniques 3/27/2000: This work is an Authors version, and has been submitted for publication. Copyright may be transferred without further notice and the accepted version may then be posted by the publisher. Active

More information

Web Caching and CDNs. Aditya Akella

Web Caching and CDNs. Aditya Akella Web Caching and CDNs Aditya Akella 1 Where can bottlenecks occur? First mile: client to its ISPs Last mile: server to its ISP Server: compute/memory limitations ISP interconnections/peerings: congestion

More information

INTERNET TOPOLOGY DISCOVERY: A SURVEY

INTERNET TOPOLOGY DISCOVERY: A SURVEY 4TH QUARTER 2007, VOLUME 9, NO. 4 IEEE C OMMUNICATIONS SURVEYS T he Electronic Magazine of O riginal Peer-Reviewed Survey Articles www.comsoc.org/pubs/surveys INTERNET TOPOLOGY DISCOVERY: A SURVEY BENOIT

More information

Towards the Science of Network Measurement. Rocky K. C. Chang The Internet Infrastructure and Security Laboratory November 20, 2012

Towards the Science of Network Measurement. Rocky K. C. Chang The Internet Infrastructure and Security Laboratory November 20, 2012 Towards the Science of Network Measurement Rocky K. C. Chang The Internet Infrastructure and Security Laboratory November 20, 2012 Network measurement problems Topology characterization Geolocation problems

More information

Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS

Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS White paper Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS June 2001 Response in Global Environment Simply by connecting to the Internet, local businesses transform themselves

More information

MPLS WAN Explorer. Enterprise Network Management Visibility through the MPLS VPN Cloud

MPLS WAN Explorer. Enterprise Network Management Visibility through the MPLS VPN Cloud MPLS WAN Explorer Enterprise Network Management Visibility through the MPLS VPN Cloud Executive Summary Increasing numbers of enterprises are outsourcing their backbone WAN routing to MPLS VPN service

More information

Vytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford

Vytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford Vytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford Hosting and Cloud computing is on the rise Collocation hosting Cloud and data center hosting Different hosted applications have different

More information

SDN and NFV in the WAN

SDN and NFV in the WAN WHITE PAPER Hybrid Networking SDN and NFV in the WAN HOW THESE POWERFUL TECHNOLOGIES ARE DRIVING ENTERPRISE INNOVATION rev. 110615 Table of Contents Introduction 3 Software Defined Networking 3 Network

More information

Analysis of Internet Topologies

Analysis of Internet Topologies Analysis of Internet Topologies Ljiljana Trajković ljilja@cs.sfu.ca Communication Networks Laboratory http://www.ensc.sfu.ca/cnl School of Engineering Science Simon Fraser University, Vancouver, British

More information

Efficient strategies for active interface-level network topology discovery

Efficient strategies for active interface-level network topology discovery Calhoun: The NPS Institutional Archive Theses and Dissertations Thesis Collection 2013-09 Efficient strategies for active interface-level network topology discovery Baltra, Guillermo P. Monterey, California:

More information

A Survey of Techniques for Internet Topology Discovery

A Survey of Techniques for Internet Topology Discovery A Survey of Techniques for Internet Topology Discovery Reza Motamedi, Reza Rejaie University of Oregon {motamedi,reza}@cs.uoregon.edu Walter Willinger Niksun Inc. wwillinger@niksun.com ABSTRACT Capturing

More information

A Novel Packet Marketing Method in DDoS Attack Detection

A Novel Packet Marketing Method in DDoS Attack Detection SCI-PUBLICATIONS Author Manuscript American Journal of Applied Sciences 4 (10): 741-745, 2007 ISSN 1546-9239 2007 Science Publications A Novel Packet Marketing Method in DDoS Attack Detection 1 Changhyun

More information

XPROBE. Building Efficient Network Discovery Tools. Fyodor Yarochkin

XPROBE. Building Efficient Network Discovery Tools. Fyodor Yarochkin XPROBE Building Efficient Network Discovery Tools Fyodor Yarochkin Outline Introduction Some motivating stories: real-life attacks Efficient network mapping with Lazy Scan mode Layer 7 extensions Scripting

More information

Hypothesis Testing for Network Security

Hypothesis Testing for Network Security Hypothesis Testing for Network Security Philip Godfrey, Matthew Caesar, David Nicol, William H. Sanders, Dong Jin INFORMATION TRUST INSTITUTE University of Illinois at Urbana-Champaign We need a science

More information

Backbone Modeling for Carrying Local Content and Over-the-Top Traffic

Backbone Modeling for Carrying Local Content and Over-the-Top Traffic White Paper Backbone Modeling for Carrying Local Content and Over-the-Top Traffic Decision-Making Criteria Using Cisco MATE Collector and Cisco MATE Design and Their Impact on Backbone Design What You

More information

Upon completion of this course, you will be able to perform the following tasks:

Upon completion of this course, you will be able to perform the following tasks: Course: Network Traffic Analysis Duration: 5 Day Lab & Lecture Course Price: $ 3,495.00 Description: Network Traffic Analysis will enable students to differentiate between normal and abnormal network traffic.

More information

Cisco IOS Flexible NetFlow Technology

Cisco IOS Flexible NetFlow Technology Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application

More information

Traffic delivery evolution in the Internet ENOG 4 Moscow 23 rd October 2012

Traffic delivery evolution in the Internet ENOG 4 Moscow 23 rd October 2012 Traffic delivery evolution in the Internet ENOG 4 Moscow 23 rd October 2012 January 29th, 2008 Christian Kaufmann Director Network Architecture Akamai Technologies, Inc. way-back machine Web 1998 way-back

More information

Evaluation of a Large-Scale Topology Discovery Algorithm

Evaluation of a Large-Scale Topology Discovery Algorithm Evaluation of a Large-Scale Topology Discovery Algorithm Benoit Donnet 12, Bradley Huffaker 2, Timur Friedman 1, and kc claffy 2 1 Université Pierre & Marie Curie Laboratoire LiP6/CNRS, UMR 7606, France

More information

Outline. Outline. Outline

Outline. Outline. Outline Network Forensics: Network Prefix Scott Hand September 30 th, 2011 1 What is network forensics? 2 What areas will we focus on today? Basics Some Techniques What is it? OS fingerprinting aims to gather

More information

Traffic & Peering Analysis

Traffic & Peering Analysis Traffic & Peering Analysis or how I learned to stop worrying and love route hijacking Pete Crocker pete@packetdesign.com Agenda Alternate methods of traffic / peering analysis Traffic Matrices Pros & Cons

More information

NETWORK TOPOLOGIES: INFERENCE, MODELING, AND GENERATION

NETWORK TOPOLOGIES: INFERENCE, MODELING, AND GENERATION 2ND QUARTER 2008, VOLUME 10, NO. 2 IEEE COMMUNICATIONS SURVEYS www.comsoc.org/pubs/surveys NETWORK TOPOLOGIES: INFERENCE, MODELING, AND GENERATION HAMED HADDADI AND MIGUEL RIO, UNIVERSITY COLLEGE LONDON

More information

The forces behind the changing Internet: IXPs, content delivery, and virtualization

The forces behind the changing Internet: IXPs, content delivery, and virtualization The forces behind the changing Internet: IXPs, content delivery, and virtualization Prof. Steve Uhlig Head of Networks research group Queen Mary, University of London steve@eecs.qmul.ac.uk http://www.eecs.qmul.ac.uk/~steve/

More information

Network Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011

Network Resilience. From Concepts to Experimentation. FIRE Research Workshop - May 16 th 2011 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Resilience From Concepts to Experimentation FIRE Research Workshop - May 16 th 2011 Georg Carle, TU

More information

How Akamai Maps the Net:

How Akamai Maps the Net: How Akamai Maps the Net: An Industry Perspective George Economou In 2010, everyone uses the Internet. Even if you don t browse the Web, your computer, DVD player, and other appliances try to pull uses

More information

Situational Awareness Through Network Visualization

Situational Awareness Through Network Visualization CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Situational Awareness Through Network Visualization Pacific Northwest National Laboratory Daniel M. Best Bryan Olsen 11/25/2014 Introduction

More information

The Shape of the Network. The Shape of the Internet. Why study topology? Internet topologies. Early work. More on topologies..

The Shape of the Network. The Shape of the Internet. Why study topology? Internet topologies. Early work. More on topologies.. The Shape of the Internet Slides assembled by Jeff Chase Duke University (thanks to and ) The Shape of the Network Characterizing shape : AS-level topology: who connects to whom Router-level topology:

More information

Analysis of Internet Topologies: A Historical View

Analysis of Internet Topologies: A Historical View Analysis of Internet Topologies: A Historical View Mohamadreza Najiminaini, Laxmi Subedi, and Ljiljana Trajković Communication Networks Laboratory http://www.ensc.sfu.ca/cnl Simon Fraser University Vancouver,

More information

BGP and Traffic Engineering with Akamai. Christian Kaufmann Akamai Technologies MENOG 14

BGP and Traffic Engineering with Akamai. Christian Kaufmann Akamai Technologies MENOG 14 BGP and Traffic Engineering with Akamai Christian Kaufmann Akamai Technologies MENOG 14 The Akamai Intelligent Platform The world s largest on-demand, distributed computing platform delivers all forms

More information

Influence Maps - a novel 2-D visualization of massive geographically distributed data sets Introduction Methodology Location Map.

Influence Maps - a novel 2-D visualization of massive geographically distributed data sets Introduction Methodology Location Map. Influence Maps - a novel 2-D visualization of massive geographically distributed data sets Bradley Huffaker, Marina Fomenkov, kc claffy CAIDA, University of California San Diego Introduction As the Internet

More information

IP Network Monitoring and Measurements: Techniques and Experiences

IP Network Monitoring and Measurements: Techniques and Experiences IP Network Monitoring and Measurements: Techniques and Experiences Philippe Owezarski LAAS-CNRS Toulouse, France Owe@laas.fr 1 Outline 4 Introduction 4 Monitoring problematic 8Only based on network administration

More information

BM 465E Distributed Systems

BM 465E Distributed Systems BM 465E Distributed Systems Lecture 4 Networking (cont.) Mehmet Demirci Today Overlay networks Data centers Content delivery networks Overlay Network A virtual network built on top of another network Overlay

More information

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with

More information

Networks in the Broad. 2010 Carnegie Mellon University

Networks in the Broad. 2010 Carnegie Mellon University Networks in the Broad What We Will Cover Introduction Your Network Fundamentals of networks, flow, and protocols Malicious traffic External Events & Trends Malware Networks in the Broad Working Together

More information

Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks

Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks Workshop on Infrastructure Security and Operational Challenges of Service Provider Networks Farnam Jahanian University of Michigan and Arbor Networks IFIP Working Group 10.4 June 29-30, 2006 What s the

More information

MERLIN: MEasure the Router Level of the INternet

MERLIN: MEasure the Router Level of the INternet 1 MERLIN: MEasure the Router Level of the INternet Pascal Mérindol, Benoit Donnet, Jean-Jacques Pansiot, Matthew Luckie, Young Hyun LSIIT, Université de Strasbourg France ICTEAM, Université catholique

More information