Measurement Capabilities for the Modern Internet
We propose to observe and interpret cloud application paths at the router level. By extending our techniques to cloud networks, we can create maps containing the paths from each cloud region to every corner of the Internet, along with the network operator for every router IP address.
Principal Investigator: Alexander Marder
Funding source: CNS-2105393
Period of performance: June 1, 2021 - May 31, 2023. (Funding actually ended as of December 2021)
The growing deployment of low-latency and high-throughput applications, the upfront and maintenance costs of computing resources, and constantly evolving security threats make it increasingly complex and costly for organizations to host services and applications themselves. Public cloud providers, like Amazon AWS, Microsoft Azure, and Google Cloud Platform (GCP), ease that burden by allowing organizations to build and scale their applications on networks and hardware managed by the cloud provider. As applications shifted into the clouds, the Internet fundamentally changed from peer-to-peer to a cloud-centric model.
The importance of the clouds in the modern Internet necessitates understanding the paths between cloud applications and users to better inform public policy and network operations, and we propose an ambitious effort to directly observe and interpret these cloud application paths at the router level. We will not attempt to guess the paths that clouds use to reach end-hosts; instead, we will observe the router paths used by public cloud wide area networks (WANs) through comprehensive probing from our virtual machines (VMs). By extending our recent techniques to cloud networks, we can create maps containing the paths from each cloud region to every corner of the Internet, along with the network operator for every observed router IP address. These maps can provide edge network operators with the paths that clouds use to reach their networks, helping them diagnose problems, plan network improvements, and choose primary or backup providers. In the future, we plan to leverage the annotated topology maps that we generate to conduct third-party analysis of cloud WANs, such as detecting the location of congestion or packet loss between clouds and users.
We will also use the map of the topology visible from our cloud VMs to interpret paths observed in the reverse direction, from end-hosts to the cloud. Identifying the router operators in an individual path measurement from an arbitrary end-host is notoriously difficult due to the lack of information to constrain inference, but fitting these paths to our preprocessed map can provide the constraints needed for interpretation. Our partial solution to this decades-old problem will allow network operators to understand their paths to cloud applications, and is of particular importance when comprehensive probing is impractical, such as from mobile devices.
Task 1: Reveal and Interpret Router-Paths From Clouds
Use comprehensive traceroute probing to discover the router-level paths from public cloud providers
Generate maps from the paths annotated with AS operators for each of the observed routers and points of interconnection between networks
Interpret individual traceroute paths from cloud networks to end-hosts
Task 2: Interpreting Observed Paths From End-Hosts to Clouds
Fit traceroute paths from end-hosts toward cloud destinations to the annotated maps generated in Task 1
Adapt alias resolution techniques to identify addresses already in the graph
Use reply TTLs and RTTs to our cloud VPs to enable MIDAR-style alias resolution for new traceroute paths
Access Denied: Assessing Physical Risks to Internet Access Networks.
A. Marder, Z. Zhang, R. Padmanabhan, R. Mok, B. Huffaker, M. Luckie, A. Dainotti, k. claffy, A. Snoeren, A. Schulman.
USENIX Security Symposium, Aug 2023.
Learning to Extract Geographic Information from Internet Router Hostnames.
M. Luckie, B. Huffaker, A. Marder, Z. Bischof, M. Fletcher, k. claffy.
ACM SIGCOMM Conference on emerging Networking EXperiments and Technologies (CoNEXT), Dec 2021.
Learning Regexes to Extract Network Names from Hostnames.
M. Luckie, A. Marder, B. Huffaker, k. claffy.
Asian Internet Engineering Conference (AINTEC), Dec 2021.
Acknowledgment of awarding agency’s support
This material is based on research sponsored by the National Science Foundation (NSF) grant CNS-2105393. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of NSF.
Proposal for Cloud Cartography: Measurement Capabilities for the Modern Internet