Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
Network Telescopes: Technical Report
D. Moore, C. Shannon, G. Voelker, and S. Savage, "Network Telescopes: Technical Report", Tech. rep., Cooperative Association for Internet Data Analysis (CAIDA), Jul 2004.
|   View full paper:    PDF    gzipped postscript    |  Citation:    BibTeX   |

Network Telescopes: Technical Report

David Moore 1
Colleen Shannon 1
Geoffrey Voelker 2
Stefan Savage 2
1

CAIDA, San Diego Supercomputer Center, University of California San Diego

2

Department of Computer Science and Engineering,
University of California, San Diego

A network telescope is a portion of routed IP address space in which little or no legitimate traffic exists. Monitoring unexpected traffic arriving at a network telescope provides the opportunity to view remote network security events such as various forms of flooding denial-of-service attacks, infection of hosts by Internet worms, and network scanning. In this paper, we examine the effects of the scope and locality of network telescopes on accurate measurement of both pandemic incidents (the spread of an Internet worm) and endemic incidents (denial-of-service attacks) on the Internet. In particular, we study the relationship between the size of the network telescope and its ability to detect network events, characterize its precision in determining event duration and rate, and discuss practical considerations in the deployment of network telescopes.

Keywords: measurement methodology, network telescope, security
  Last Modified: Wed Oct-11-2017 17:03:51 PDT
  Page URL: http://www.caida.org/publications/papers/2004/tr-2004-04/index.xml