(DHS N66001-08-C-2029) Cybersecurity: Leveraging the Science and Technology of Internet Mapping for Homeland Security
Statement of Work
Funded by the DHS Science and Technology Directorate, contract N66001-08-C-2029, we have delivered the most comprehensive Internet router-level and AS-level Internet topology data sets ever made available to researchers and government agencies. The data are richly annotated with AS business relationships, size, and geography-related attributes. We have also deployed a new Internet topology data acquisition infrastructure available to vetted researchers for macroscopic Internet measurement projects relevant to DHS's cybersecurity R&D needs.
In the three years since the original proposal, the scope of the problem has expanded sufficiently to warrant additional work on the measurement and supporting analysis tools to stay current with the state-of-the-art technology in the field, to facilitate transfer of the technologies developed to other public and private sectors, and to improve utility and accessibility of the resulting data. We propose to accomplish the following additional tasks, which increase the functionality, accuracy, and usability of the tools and data developed and provided under the terms of the current project. Each task further advances DHS capabilities to meet public and private sector needs to understand and protect essential U.S. information infrastructure.
Task 1: Improve traceroute-based Internet topology mapping methodology
| 1a | Evaluate a new alias resolution technique based on IP pre-specified timestamps (developed at the University of Washington, presented at IMC2010) as part of our Multi-Approach Alias Resolution System (MAARS) process |
| 1b | Enable execution of interactive real-time requests to run topology and reachability probes from user-specified Ark nodes to user-specified destinations ("topology-on-demand" demonstrated at CATCH-2009 conference) |
Task 2: Release MIDAR code for alias resolution
| 2a | Release a simple stand-alone corroboration tool running on a single machine that can be used to confirm/refute a suspected alias set of a small size (< 200 addresses) |
| 2b | Release software to support a full MIDAR run on a single machine that can be used to find aliases in a moderate size set of addresses (< 40 thousand) |
| 2c | Release software to support a full MIDAR run using coordinated measurements on multiple machines as necessary to find aliases in a large set of addresses (>l 1 million) |
Task 3: Add router-level graph visualization to AS-rank web pages
| 3a | Develop the necessary back-end database support |
| 3b | Create an informative and scalable visualization of routers belonging to a given AS augmented with annotations for ownership, geography, and peering attributes |
| 3c | Enable a graphic interface for users to suggest corrections of false topology inferences |
Task 4: Improve geolocation comparison study
| 4a | Purchase licenses for Quova and Akamai geolocation services
|
| 4b | Update and refine our geolocation comparison methodologies
|
| 4c | Extend the previous limited comparison study to include a broader range of geolocation providers |
| 4d | Disseminate the methodology and findings |
Milestones
| Month | Task 1
Improved topo map | Task 2
MIDAR release | Task 3
Router viz | Task 4
Geolocation |
| July | Evaluate new technique | | | |
| August | | | | |
| September | | Release 2a | Demo a prototype viz | |
| October | Prototype topo-on-demand | | | |
| November | Produce new ITDK | | Demo an annotated viz | Purchase licenses |
| December | | | | Collect data |
| January | | | | Analyze data |
| February | Web interface to TOD | | Graphic user interface | Analyze data |
| March | | Release 2b | | Write report |
| April | | Release 2c | | Finish report |
Deliverables
| # | Associated
Task | Deliverable Description | Type | Due date | Status |
| 1 | Task 1 | Functionality to execute topology measurements on-demand | demo | Dec 2011 | |
| 2 | Task 3 | Visualization of router-level topology for a given AS | demo | Dec 2011 | |
| 3 | Task 2 | MIDAR alias resolution code | software | Apr 2012 | |
| 4 | Task 4 | Results of an expanded geolocation comparison study | report | Apr 2012 | |
Related Links
Last Modified: Tues Jan-17-2012 12:51:46 PDT
Page URL: http://www.caida.org/funding/cybersecurity/index.xml
![[CAIDA - Cooperative Association for Internet Data Analysis logo]](/images/caida_globe_faded.png)
![[CAIDA]](/images/caida_whitewords.png "Go to CAIDA home page"){kind=small}
