Internet Mapping: Statement of Work
We will integrate strategic Internet measurement and data analysis capabilities to provide comprehensive annotated Internet topology maps that will improve our ability to identify, monitor, and model critical cyberinfrastructure.
Funding source: DHS S&T contract N66001-12-C-0130. Period of performance (extended by 10 months due to funding delays): September 28, 2012 - January 27, 2016 (base), January 28, 2016 - July 27, 2016 (optional).
Principal Investigator: kc claffy
Funding source: N66001-08-C-2029 Period of performance: September 1, 2012 - July 31, 2016.
Statement of Work
The proposed effort shall develop new technologies and analysis capabilities spanning multiple research domains of the Internet measurement field to execute timely delivery of rich cybersecurity-relevant annotated maps of critical Internet resources.
Tasks and deliverables for the entire effort are separated into three phases, with monthly deliverables throughout the course of the project:
Phase I: Applied Research (18 months, October 2012 - March 2014; 10 month extension until January 2015)
| Description | Date | Deliverable | Status | ||
|---|---|---|---|---|---|
| Collect raw IPv4 and IPv6 topology data using Ark; submit technical and financial status report | monthly | CDRL A001 | IPv4, IPv6 | ||
| Task 1: Improve completeness of macroscopic Internet maps | |||||
| 1.1 | Install monitoring infrastructure (8-10 monitors/year) in underserved regions | Oct 2012 - Jan 2015 | done | ||
| 1.2 | Investigate more efficient and scalable probing techniques | Mar 2013 | done | ||
| 1.3 | Incorporate additional IP address lists into our alias resolution process | Mar 2013 | data, paper | ||
| 1.4 | Derive an experimental Internet topology (traceroute-based) augmented with additional reachability data | Nov 2014 | data, paper | ||
| 1.5 | Evaluate the experimental traceroute-based Internet topology | Jan 2015 | CDRL A003 | done | |
| Task 2: Increase accuracy of macroscopic Internet maps | |||||
| 2.1 | Investigate the impact of false link inferences on the router-level graph | Jun 2013 | done | ||
| 2.2 | Investigate the impact of false link inferences on the PoP/city-level graph | Jun 2013 | done | ||
| 2.3 | Investigate the impact of false link inferences on the AS-level graph | Jun 2013 | done | ||
| 2.4 | Investigate approaches to identify AS peering links | Sep 2013 | done | ||
| 2.5 | Design user-friendly interactive validation functionality for AS meta-data and traceroute-based topology inferences | Dec 2013 | done | ||
| Task 3: Increase the richness of macroscopic Internet maps | |||||
| 3.1 | Add annotations for intermediate (PoP/city-level) infrastructure inferences | Jul 2013 | done | ||
| 3.2 | Deploy beta-version of interactive intermediate (PoP/city-level) map validation functionality for testing and feedback | Dec 2013 | CDRL A002 | done | |
| 3.3 | Add economic AS annotations | Aug 2013 | done | ||
Phase II: Development (12 months, April 2014 - March 2015; postponed to February 2015 - January 2016)
| Description | Date | Deliverable | Status | ||
|---|---|---|---|---|---|
| Collect raw IPv4 and IPv6 topology data using Ark; submit technical and financial status report | monthly | CDRL A001 | IPv4, IPv6 | ||
| Task 1: Create a new series of Internet Topology Data Kits (ITDK) | |||||
| 1.1 | Install new and upgrade obsolete Ark monitors (8-10 monitors/year) | done | |||
| 1.2 | Conduct large scale alias resolution probing runs every 3-6 months | June 2015, Dec 2015 |
done | ||
| 1.3 | Analyze data, derive topology graphs at various levels of granularity and make data available | Jul 2015, Jan 2016 |
CDRL A004 | done | |
| 1.4 | Update ITDK data and algorithms descriptions as necessary | Jan 2016 | done | ||
| Task 2: Develop a scalable and user-friendly interactive interface to database of topology measurements | |||||
| 2.1 | Develop graphical user interface (GUI) for interactive validation and corrections of AS meta-data | March 2015 | done | ||
| 2.2 | Develop graphical user interface (GUI) for interactive validation and corrections of PoP/city-level map | March 2015 | done | ||
| 2.3 | Develop taxonomy to reveal insights into business structure of ISPs | Jun 2015 | done | ||
| 2.4 | Develop software to reveal insight into the business relationships of ISPs | Jun 2015 | done | ||
| 2.5 | Develop software to reveal insight into the geographic coverage of ISPs | Jun 2015 | done | ||
| 2.6 | Develop interface to request specific historical or recent measurement data | Sep 2015 | done | ||
| 2.7 | Enable queries regarding observable performance changes and trends across specific regions of the world | Jan 2016 | CDRL A005 | tool, video | |
| Task 3: Implement on-demand topology measurement tools | |||||
| 3.1 | Refine functionality for selective real-time Ark probing | Sep 2015 | done | ||
| 3.2 | Develop interface to select probing destinations by country, AS, BGP prefix, or organization | Nov 2015 | done | ||
| 3.3 | Create AS-traceroute measurement tool | Jun 2016 | CDRL A006 | tool, paper | |
| Submit final report | Jan 2016 | CDRL A002 | done | ||
Phase III: Deployment (6 months) - optional
| Description | Date | Deliverable | Status | ||
|---|---|---|---|---|---|
| Collect raw IPv4 and IPv6 topology data using Ark; submit technical and financial stat us report | monthly | CDRL B001 | IPv4, IPv6 | ||
| Task 1: Continue to expand Ark measurement platform | |||||
| 1.1 | Deploy remaining monitors (new locations or upgrades) | ongoing | done | ||
| 1.2 | Re-assess optimal configuration for team probing | done | |||
| Task 2: Demonstrate capabilities of the platform and technologies developed during the base performance period | |||||
| 2.1 | Test "topo-on-demand" measurements in a typical operational environment | ongoing | done | ||
| 2.2 | Test querying of historical topology measurements in a typical operational environment | done | |||
| 2.3 | Integrate diverse types and sources of data into a coherent representation of macroscopic Internet topology at multiple granularities (AS Rank) | CDRL B002 | done | ||
| Submit final report | CDRL B003 | done | |||
Acknowledgment of awarding agency's support
The work was funded by the Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHS S&T/CSD) Broad Agency Announcement 11-02 and SPAWAR Systems Center Pacific via contract number N66001-12-C-0130, and by Defence Research and Development Canada (DRDC) pursuant to an Agreement between the U.S. and Canadian governments for Cooperation in Science and Technology for Critical Infrastructure Protection and Border Security. The work represents the position of the authors and not necessarily that of DHS or DRDC.