Archive for the 'Commentaries' Category

Named Data Networking Next Phase (NDN-NP) Annual Report

Tuesday, June 30th, 2015 by kc

The Named Data Networking project recently published the NDN-NP annual report covering activities from May 2014 through April 2015.

V. Jacobson, J. Burke, L. Zhang, B. Zhang, K. Claffy, C. Papadopoulos, T. Abdelzaher, L. Wang, J. Halderman, and P. Crowley, “Named Data Networking Next Phase (NDN-NP) Project May 2014 – April 2015 Annual Report”, Tech. rep., Jun 2015.

This report catalogs a wide range of our accomplishments during the first year of the “NDN Next Phase (NDN-NP)” project. This phase of the project is environment-driven, in that we are focusing on deploying and evaluating the NDN architecture in two specific environments: building automation management systems and mobile health, together with a cluster of multimedia collaboration tools.

CAIDA takes over stewardship of Spoofer Project infrastructure

Thursday, May 28th, 2015 by Matthew Luckie

Originally started by Rob Beverly while a graduate student at MIT, the Spoofer project attempts to measure the Internet’s susceptibility to spoofed source address IP packets. From Rob’s original project web page (now moved to CAIDA, see below):

Malicious users capitalize on the ability to “spoof” source IP addresses for anonymity, indirection, targeted attacks and security circumvention. Compromised hosts on networks that permit IP spoofing enable a wide variety of attacks.

The project never had dedicated funding, but Rob believed that empirical data on how many networks permitted spoofing was important, so he kept the web site alive. In collaboration with him, we submitted a proposal to improve the measurement and analysis capabilities to inform one of the most important challenges in cybersecurity today: improving network hygiene to reduce the threat of the longest standing vector of attack on Internet infrastructure.
In addition to enabling us to provide estimates of how many networks allow packets with forged source addresses to leave their networks, we can use measurements from this infrastructure, in combination with other sources of data, to analyze the geographic, economic, and governance characteristics of networks that allow spoofing, versus those that do not, as well as trends over time of this network security hygiene policy.

This month, we celebrate a transition point in this project: in collaboration with Rob, we migrated the Spoofer software services to a new server on the machine room floor at the San Diego Supercomputer Center at UCSD, and, more relevant to users, we have released new clients for Microsoft Windows, Mac OS X, and Linux. We encourage users and operators to download and run the new clients to help measure the Internet’s susceptibility to spoofed source-addressed IP packets. Feedback is greatly appreciated as we expand functionality and hopefully footprint of this critical infrastructure security analysis project.

This research and infrastructure development effort is supported by an award from the Department of Homeland Security, Science and Technology Directorate.

Workshop on Internet Economics (WIE2014) Final Report

Tuesday, May 19th, 2015 by kc

The final report for our Workshop on Internet Economics (WIE2014) is available for viewing. The abstract:

On December 10-11 2014, we hosted the 4th interdisciplinary Workshop on Internet Economics (WIE) at the UC San Diego’s Supercomputer Center. This workshop series provides a forum for researchers, Internet facilities and service providers, technologists, economists, theorists, policy makers, and other stakeholders to inform current and emerging regulatory and policy debates. The objective for this year’s workshop was a structured consideration of whether and how policy-makers should try to shape the future of the Internet. To structure the discussion about policy, we began the workshop with a list of potential aspirations for our future telecommunications infrastructure (a list we had previously collated), and asked participants to articulate an aspiration or fear they had about the future of the Internet, which we summarized and discussed on the second day. The focus on aspirations was motivated by the high-level observation that before discussing regulation, we must agree on the objective of the regulation, and why the intended outcome is justified. In parallel, we used a similar format as in previous years: a series of focused sessions, where 3-4 presenters each prepared 10-minute talks on issues in recent regulatory discourse, followed by in-depth discussions. This report highlights the discussions and presents relevant open research questions identified by participants.

See the full workshop report at http://www.caida.org/publications/papers/2015/wie2014_report/

Slides from workshop presentations are available at http://www.caida.org/workshops/wie/1412/

Draft white paper that motivated the workshop at:
http://www.caida.org/publications/papers/2015/inventory_aspirations_internets_future/

RFC 7514 : Really Explicit Congestion Notification (RECN)

Wednesday, April 1st, 2015 by kc

I feel that somewhere up there Jon Postel is smiling about Matthew’s RFC 7514, published today:

The deployment of Explicit Congestion Notification (ECN) [RFC3168] remains stalled. While most operating systems support ECN, it is currently disabled by default because of fears that enabling ECN will break transport protocols. This document proposes a new ICMP message that a router or host may use to advise a host to reduce the rate at which it sends, in cases where the host ignores other signals such as packet loss and ECN. We call this message the “Really Explicit Congestion Notification” (RECN) message because it delivers a less subtle indication of congestion than packet loss and ECN.

http://www.rfc-editor.org/rfc/rfc7514.txt

Mapping the Technological Frontier and Sources of Innovation

Friday, February 13th, 2015 by kc

Last weekend I had the honor of participating in a conference on “The Digital Broadband Migration: First Principles for a Twenty First Century Innovation Policy” hosted by the Silicon Flatirons Center at the University of Colorado. David Clark and I kicked off a panel on the topic of “Mapping the Technological Frontier and the Sources of Innovation”. The full video is archived on YouTube (slides here). A great conference hosted by a great organization (and a law school that seems like a wonderful place to teach and learn).

Report from the 1st NDN Community Meeting (NDNcomm)

Tuesday, January 13th, 2015 by kc

The report for the 1st NDN Community Meeting (NDNcomm) is available online now. This report, “The First Named Data Networking Community Meeting (NDNcomm)“, is a brief summary of the first NDN Community Meeting held at UCLA in Los Angeles, California on September 4-5, 2014. The meeting provided a platform for the attendees from 39 institutions across seven countries to exchange their recent NDN research and development results, to debate existing and proposed functionality in security support, and to provide feedback into the NDN architecture design evolution.

The workshop was supported by the National Science Foundation CNS-1457074, CNS-1345286, and CNS-1345318. We thank the NDNcomm Program Committee members for their effort of putting together an excellent program. We thank all participants for their insights and feedback at the workshop.

North Korean Internet outages observed

Tuesday, December 23rd, 2014 by Alberto Dainotti

As reported by Dyn Research, North Korea has experienced extremely unstable Internet connectivity in the last few days. We offer a near real-time (30-minute delayed) view of the BGP-visibility of the 4 IPv4 prefixes announced by STAR-KP, Ryugyong-dong (North Korea’s national telecommunications provider). This real-time view represents a sneak peek of the intended outcomes of our Internet outage detection and analysis project.

(Click image below to get real-time view of observed BGP-reachability to North Korea.)

outageNK-23dec14

BGP data sources (30 min delay): RIPE NCC’s Routing Information Service (RIS), University of Oregon Route Views Project

architecture innovation 2020 (and 2030)

Friday, October 17th, 2014 by kc

Today I participated as a panelist in the Internet Regulation 2020 hosted by Duke Law’s Center for Innovation Policy at the National Academy of Sciences. The questions for my panel were:

What are the most significant realistic changes in network architecture, capacity, and connectivity by 2020? In what ways might these developments be affected, perhaps even precluded, by regulatory policy? In what ways might these developments in turn affect regulatory policy? What are the costs and benefits of these developments and their possible regulation?

My slides (which link to related reading on last slide):

http://www.caida.org/publications/presentations/2014/internet_architecture_innovation_duke/

IMAPS Workshop on Internet Measurements and Political Science: Network Outages

Friday, October 10th, 2014 by Josh Polterock

On Wednesday 1 October 2014, CAIDA hosted a small invitation only workshop that brought together researchers working on large-scale Internet outage detection and characterization with researchers from the political sciences with specific expertise in Internet censorship, political violence (including Internet connectivity disruption ordered by authoritarian regimes for censorship), and Internet penetration. Participants viewed and demonstration of and discussed CAIDA’s current data analysis platform for the exploration of historical and realtime Internet measurement data (named “Charthouse”), and possible extensions of the platform to support political science research related to  macroscopic Internet outages.

 A primary use of our current platform is to detect/characterize large-scale Internet outages, i.e., entire regions or countries getting disconnected from the Internet for hours or days. We intend to extend the platform to enable more agile analysis, support larger datasets, improve geographic-based exploration and visualization, based on use case scenarios defined together with political scientists.

The workshop also included experts from the San Diego Supercomputer Center’s Data Enabled Scientific Computing Group, who provided valuable insights into methods for scalable analysis of large data sets requiring high performance computing platforms.  We currently plan to implement part of the Charthouse platform using the Spark/Shark data analytics stack.

Dataset Comparison: IPv4 vs IPv6 traffic seen at the DNS Root Servers

Wednesday, October 1st, 2014 by Bradley Huffaker

image

As economic pressure imposed by IPv4 address exhaustion has grown, we seek methods to track deployment of IPv6, IPv4’s designated successor. We examine per-country allocation and deployment rates through the lens of the annual “Day in the Life of the Internet” (DITL) snapshots collected at the DNS roots by the DNS Operations, Analysis, and Research Center (DNS-OARC) from 2009 to 2014.

For more details of data sources and analysis, see:
http://www.caida.org/research/policy/dns-country/