Internet Measurements - PowerPoint PPT Presentation

1 / 36
About This Presentation
Title:

Internet Measurements

Description:

Need for Internet measurements arises due to commercial, social, and technical issues ... Measurement for network operations. Detecting and diagnosing problems ... – PowerPoint PPT presentation

Number of Views:46
Avg rating:3.0/5.0
Slides: 37
Provided by: kamil
Learn more at: https://www.cse.unr.edu
Category:

less

Transcript and Presenter's Notes

Title: Internet Measurements


1
Internet Measurements
2
Internet
  • Web of interconnected networks
  • Grows with no central authority
  • Autonomous Systems optimize local communication
    efficiency
  • The building blocks are engineered and studied in
    depth
  • Global entity has not been characterized
  • Most real world complex-networks
    have non-trivial properties.
  • Global properties can not be inferred from local
    ones
  • Engineered with large technical diversity
  • Range from local campuses to transcontinental
    backbone providers

3
Internet Measurements
  • Need for Internet measurements arises due to
    commercial, social, and technical issues
  • Realistic simulation environment for developed
    products,
  • Improve network management
  • Robustness with respect to failures/attacks
  • Comprehend spreading of worms/viruses
  • Know social trends in Internet use
  • Scientific discovery
  • Scale-free (power-law), Small-world, Rich-club,
    Dissasortativity,

4
Internet Topology Measurement
CAIDA 2006
5
Internet Topology Measurement
CAIDA 2006
6
Internet Topology Measurement
Dandelion 2001
7
Internet Topology Measurement
8
Walrus
9
Internet Topology Measurement
CAIDA 2006
10
Internet Topology MeasurementsProbing
  • Direct probing
  • Indirect probing

IPB
IPD
Vantage Point
IPB TTL64
IPD TTL64
D
B
C
A
IPB
IPC
IPD TTL2
IPD TTL1
11
Autonomous System Level Mapping
Historical
12
(No Transcript)
13
(No Transcript)
14
Autonomous System Level Mapping
15
(No Transcript)
16
Traffic Measurements
  • Monitoring and measuring network traffic
  • to produce better models of network behavior
  • to diagnose failures and detect anomalies
  • to defend against unwanted traffic
  • Live weather map
  • Internernet2
  • PlanetLab

17
Code-Red Worm
  • On July 19, 2001, more than 359,000 computers
    connected to the Internet were infected with the
    Code-Red (CRv2) worm in less than 14 hours
  • Spread

18
Sapphire Worm
  • was the fastest computer worm in history
  • doubled in size every 8.5 seconds
  • infected more than 90 percent of vulnerable hosts
    within 10 minutes.

19
Witty Worm
  • reached its peak activity after approximately 45
    minutes
  • at which point the majority of vulnerable hosts
    had been infected
  • World
  • USA

20
Nyxem Email Virus
  • Estimate of total number of infected computers is
    between 470K and 945K
  • At least 45K of the infected computers were also
    compromised by other forms of spyware or botware
  • Spread

21
Scam Hosting
  • Study dynamics of scam hosting infrastructure

22
Measurement Studies
  • Glasnost
  • tests whether BitTorrent is being blocked or
    throttled
  • BW-meter
  • Measurement tools for the capacity and load of
    Internet paths
  • NPAD Diagnostics Servers
  • Automatic diagnostic server for troubleshooting
    end-systems and last-mile network problems
  • iPlane
  • construct a router interface-level atlas of the
    Internet
  • measuring link attributes
  • Hubble
  • find persistent Internet black holes as they occur

23
Internet Measurements
  • The Internet is man-made, so why do we need to
    measure it?
  • Because we still dont really understand it
  • Sometimes things go wrong
  • Malicious users
  • Measurement for network operations
  • Detecting and diagnosing problems
  • What-if analysis of future changes
  • Measurement for scientific discovery
  • Creating accurate models that represent reality
  • Identifying new features and phenomena

24
Questions ?
25
Internet Topology MeasurementTopology Collection
(traceroute)
  • Probe packets are carefully constructed to elicit
    intended response from a probe destination
  • traceroute probes all nodes on a path towards a
    given destination
  • TTL-scoped probes obtain ICMP error messages from
    routers on the path
  • ICMP messages includes the IP address of
    intermediate routers as its source
  • Merging end-to-end path traces yields the network
    map

IPB
IPA
IPC
IPD
Destination
Vantage Point
TTL1
TTL2
TTL3
TTL4
D
A
B
C
S
26
Internet Topology MeasurementBackground
Internet2 backbone
S
s.3
s.2
s.2
n.1
n.3
n.3
N
c.2
w.1
w.2
u.1
c.1
W
C
c.3
w.3
w.3
u.2
U
c.4
k.1
k.2
K
u.3
l.1
k.3
Trace to NY
a.1
a.2
l.2
L
A
l.3
l.3
a.3
a.3
h.2
Trace to Seattle
H
h.3
h.1
h.4
h.4
h.4
d
27
Internet Topology MeasurementBackground
s.1
f
e
S
s.3
n.2
s.2
n.1
n.3
N
c.2
w.1
w.2
c.1
u.1
W
C
c.3
w.3
u.2
U
c.4
k.1
k.2
K
u.3
l.1
k.3
a.1
a.2
l.2
L
A
l.3
a.3
h.2
H
h.3
h.1
h.4
d
28
Topology SamplingIssues
  • Sampling to discover networks
  • Infer characteristics of the topology
  • Different studies considered
  • Effect of sample size Barford 01
  • Sampling bias Lakhina 03
  • Path accuracy Augustin 06
  • Sampling approach Gunes 07
  • Utilized protocol Gunes 08
  • ICMP echo request
  • TCP syn
  • UDP port unreachable

29
Anonymous Router Resolution Problem
  • Anonymous routers do not respond to traceroute
    probes and appear as a ? in path traces
  • Same router may appear as a ? in multiple traces.
  • Anonymous nodes belonging to the same router
    should be resolved.
  • Anonymity Types
  • Ignore all ICMP packets
  • ICMP rate-limiting
  • Ignore ICMP when congested
  • Filter ICMP at border
  • Private IP address

30
Anonymous Router Resolution Problem
f
Internet2 backbone
e
S
N
C
W
U
K
L
A
H
  • Traces
  • d - ? - L - S - e
  • d - ? - A - W - ? - f
  • e - S - L - ? - d
  • e - S - U - ? - C - ? - f
  • f - ? - C - ? - ? - d
  • f - ? - C - ? - U - S - e

d
31
Anonymous Router Resolution Problem
U
K
C
N
S
f
L
H
A
W
e
  • Traces
  • d - ? - L - S - e
  • d - ? - A - W - ? - f
  • e - S - L - ? - d
  • e - S - U - ? - C - ? - f
  • f - ? - C - ? - ? - d
  • f - ? - C - ? - U - S - e

d
Sampled network
32
Graph Based InductionCommon Structures
Parallel nodes
Complete Bipartite
Clique
Star
33
Alias Resolution
.33
  • Each interface of a router
  • has an IP address.
  • A router may respond with
  • different IP addresses to
  • different queries.
  • Alias Resolution is the process of grouping the
    interface IP addresses of each router into a
    single node.
  • Inaccuracies in alias resolution may result in a
    network map that
  • includes artificial links/nodes
  • misses existing links

.5
.18
Denver
.7
.13
34
IP Alias ResolutionProblem
s.1
f
e
S
s.3
n.2
s.2
n.1
N
n.3
c.2
u.1
w.1
w.2
c.1
W
C
c.3
u.2
U
w.3
k.1
c.4
k.2
u.3
K
k.3
l.1
a.1
l.2
a.2
L
A
l.3
a.3
h.2
  • Traces
  • d - h.4 - l.3 - s.2 - e
  • d - h.4 - a.3 - w.3 - n.3 - f
  • e - s.1 - l.1 - h.1 - d
  • e - s.1 - u.1 - k.1 - c.1 - n.1 - f
  • f - n.2 - c.2 - k.2 - h.2 - d
  • f - n.2 - c.2 - k.2 - u.2 - s.3 - e

H
h.3
h.1
h.4
d
35
IP Alias ResolutionProblem
U
K
C
N
S
f
Sampled network
L
H
A
W
e
d
  • Traces
  • d - h.4 - l.3 - s.2 - e
  • d - h.4 - a.3 - w.3 - n.3 - f
  • e - s.1 - l.1 - h.1 - d
  • e - s.1 - u.1 - k.1 - c.1 - n.1 - f
  • f - n.2 - c.2 - k.2 - h.2 - d
  • f - n.2 - c.2 - k.2 - u.2 - s.3 - e

36
Genuine Subnet ResolutionProblem
  • Alias resolution
  • IP addresses that belong to the same router
  • Subnet resolution
  • IP addresses that are connected over the same
    medium

IP1
IP1
IP2
IP3
IP2
IP3
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Internet Measurements" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!