Archive for the 'Measurement' Category


Tuesday, January 22nd, 2013 by Robert Beverly

[This blog entry is guest written by Robert Beverly at the Naval Postgraduate School.]

In many respects, the deployment, adoption, use, and performance of IPv6 has received more recent attention than IPv4. Certainly the longitudinal measurement of IPv6, from its infancy to the exhaustion of ICANN v4 space to native 1% penetration (as observed by Google), is more complete than IPv4. Indeed, there are many vested parties in (either the success or failure) of IPv6, and numerous IPv6 measurement efforts afoot.

Researchers from Akamai, CAIDA, ICSI, NPS, and MIT met in early January, 2013 to firstly share and make sense of current measurement initiatives, while secondly plotting a path forward for the community in measuring IPv6. A specific objective of the meeting was to understand which aspects of IPv6 measurement are “done” (in the sense that there exists a sound methodology, even if measurement should continue), and which IPv6 questions/measurements remain open research problems. The meeting agenda and presentation slides are archived online.


Packet Loss Metrics from Darknet Traffic

Thursday, January 17th, 2013 by Karyn Benson

At the CoNEXT Student Workshop, in Nice, France on December 10, 2012, CAIDA shared recent research on Internet outages in a poster entitled “Gaining Insight Into AS-Level Outages through Analysis of Internet Background Radiation.”


Syria disappears from the Internet

Wednesday, December 5th, 2012 by Alistair King and Alberto Dainotti

On the 29th of November, shortly after 10am UTC (12pm Damascus time), the Syrian state telecom (AS29386) withdrew the majority of BGP routes to Syrian networks (see reports from Renesys, Arbor, CloudFlare, BGPmon). Five prefixes allocated to Syrian organizations remained reachable for another several hours, served by Tata Communications. By midnight UTC on the 29th, as reported by BGPmon, these five prefixes had also been withdrawn from the global routing table, completing the disconnection of Syria from the rest of the Internet.


CAIDA at the NSF Secure and Trustworthy Cyberspace (SaTC) Principal Investigators’ Meeting

Tuesday, December 4th, 2012 by Alberto Dainotti

Last week CAIDA researchers (Alberto and kc) visited National Harbor (Maryland) for the 1st NSF Secure and Trustworthy Cyberspace (SaTC) Principal Investigators Meeting. The National Science Foundation’s SATC program is an interdisciplinary expansion of the old Trustworthy Computing program sponsored by CISE, extended to include the SBE, OCI, MPS, and EHR directorates. The SATC program also includes a bold new Transition to Practice category of project funding — to address the challenge of moving from research to capability — which we are excited and honored to be a part of.


Twelve Years in the Evolution of the Internet Ecosystem

Tuesday, April 10th, 2012 by Amogh Dhamdhere

Our recent study of the evolution of the Internet ecosystem over the last twelve years (1998-2010) appeared in the IEEE/ACM Transactions on Networking in October 2011. Why is the Internet an ecosystem? The Internet, commonly described as a network of networks, consists of thousands of Autonomous Systems (ASes) of different sizes, functions, and business objectives that interact to provide the end-to-end connectivity that end users experience. ASes engage in transit (or customer-provider) relations, and also in settlement-free peering relations. These relations, which appear as inter domain links in an AS topology graph, indicate the transfer of not only traffic but also economic value between ASes. The Internet AS ecosystem is highly dynamic, experiencing growth (birth of new ASes), rewiring (changes in the connectivity of existing ASes), as well as deaths (of existing ASes). The dynamics of the AS ecosystem are determined both by external business environment factors (such as the state of the global economy or the popularity of new Internet applications) and by complex incentives and objectives of each AS. Specifically, ASes attempt to optimize their utility or financial gains by dynamically changing, directly or indirectly, the ASes they interact with.

The goal of our study was to better understand this complex ecosystem, the behavior of entities that constitute it (ASes), and the nature of interactions between those entities (AS links). How has the Internet ecosystem been growing? Is growth a more significant factor than rewiring in the formation of new links? Is the population of transit providers increasing (implying diversification of the transit market) or decreasing (consolidation of the transit market)? As the Internet grows in its number of nodes and links, does the average AS-path length also increase? Which ASes engage in aggressive multihoming? Which ASes are especially active, i.e., constantly adjust their set of providers? Are there regional differences in how the Internet evolves?


Internet Censorship Revealed Through the Haze of Malware Pollution

Wednesday, March 28th, 2012 by Josh Polterock

We were happy to see the coverage of UCSD’s press release describing two papers we recently published, introducing new methods and applications for analyzing dark net data (aka “Internet background radiation” or IBR).  The first paper, “Analysis of Country-wide Internet Outages Caused by Censorship”, presented by author Alberto Dainotti last November at IMC 2011, focused on using IBR in conjunction with other data sources to reveal previously unreported aspects of the disruptions seen during the uprisings of early 2011 in Egypt and Libya. The second paper, “Extracting benefit from harm: using malware pollution to analyze the impact of political and geophysical events on the Internet”, published in ACM SIGCOMM CCR (January 12), used IBR data observed by UCSD’s network telescope to characterize Internet outages caused by natural disasters. In both cases the analysis of this (mostly malware-generated) background traffic contributed to our understanding of events unrelated to the malware itself. Our press release was picked up by several online publications, including The Wall Street Journal Blog, ACM TechnewsCommunications of the ACM Web siteSpacedailyPhysorgTom’s GuideProduct Design & DevelopmentNewswiseDomain-bEurekAlertEurasia reviewSiloBreakerSecurity-today.comEverything San DiegoSpacewar Cyber War.

The papers are also available on CAIDA’s publications page.

The 2nd NDN Project Retreat

Sunday, February 5th, 2012 by kc claffy

I kicked off 2012 with a visit to Colorado State University in Fort Collins, CO to attend the principal investigators (PI) retreat for the Named Data Networking Project, one of four projects funded under NSF’s “Future Internet Architecture” (FIA) program. Impressive progress since the first FIA meeting, with substantial development and coordination of the NDN Testbed connecting the initial participating institutions, including network status reporting, state of (phase-one) OSPF routing, and testbed status pages. This two-day meeting packed in a wide range of collaborative discussions of architecture and implementation issues, including: topology and namespace structure and constraints; organizational structure and network management; routing and forwarding strategy; security issues such as attribution and privacy; early experiences with application development; evaluation and measurement; social and ethical values in technology design; and educational outreach (classes teaching NDN concepts). We also discussed how to dispel the misconception that NDN is simply collaborative web caching. (The caching is essential but the most revolutionary piece of this new communication model is retrieving data by names.)


AIMS 2011 Workshop Report

Thursday, May 26th, 2011 by kc claffy

The final report for our workshop on Active Internet Measurements (ISMA 2011 AIMS-3) is available for viewing. The abstract:


Data on current status of IPv6 deployment

Thursday, April 28th, 2011 by kc claffy

[Last month, I remotely attended the second meeting of the FCC's current Technical Advisory Committee (TAC), where chairs of several working groups set up at the first meeting (in November) reported on their progress and plans. I'm a member of the FCC TAC's IPv6 working group, (more on this soon), and so far have been asked to answer two questions I've been thinking about for a couple of years: what data do we have to gauge IPv6 deployment by Internet service providers, and what data do we need? Last November I addressed the first question in a (still pending) NSF proposal to measure IPv6 deployment, with the following text. I'll post some updates shortly.]


Unsolicited Internet Traffic from Libya

Wednesday, March 23rd, 2011 by Emile Aben

Amidst the recent political unrest in the Middle East, researchers have observed significant changes in Internet traffic and connectivity. In this article we tap into a previously unused source of data: unsolicited Internet traffic arriving from Libya. The traffic data we captured shows distinct changes in unsolicited traffic patterns since 17 February 2011.

Most of the information already published about Internet connectivity in the Middle East has been based on four types of data: