The contents of this legacy page are no longer maintained nor supported, and are made available only for historical purposes.

Cybersecurity: Leveraging the Science and Technology of Internet Mapping for Homeland Security (2011-2012)

The CAIDA Cybersecurity Project "Leveraging the Science and Technology of Internet Mapping for Homeland Security" (contract N66001-08-C-2029 with the DHS Science and Technology Directorate) started in March 2008, and received supplemental funding in July 2011.

Sponsored by:
Department of Homeland Security (DHS)

Principal Investigator: kc claffy

Funding source:  DHS N66001-08-C-2029 Period of performance: March 21, 2008 - June 30, 2012.


Statement of Work

Funded by the DHS Science and Technology Directorate, contract N66001-08-C-2029, we have delivered the most comprehensive Internet router-level and AS-level Internet topology data sets ever made available to researchers and government agencies. The data are richly annotated with AS business relationships, size, and geography-related attributes. We have also deployed a new Internet topology data acquisition infrastructure available to vetted researchers for macroscopic Internet measurement projects relevant to DHS's cybersecurity R&D needs.

In the three years since the original proposal, the scope of the problem has expanded sufficiently to warrant additional work on the measurement and supporting analysis tools to stay current with the state-of-the-art technology in the field, to facilitate transfer of the technologies developed to other public and private sectors, and to improve utility and accessibility of the resulting data. We propose to accomplish the following additional tasks, which increase the functionality, accuracy, and usability of the tools and data developed and provided under the terms of the current project. Each task further advances DHS capabilities to meet public and private sector needs to understand and protect essential U.S. information infrastructure.

Task 1: Improve traceroute-based Internet topology mapping methodology

1a Evaluate a new alias resolution technique based on IP pre-specified timestamps (developed at the University of Washington, presented at IMC2010) as part of our Multi-Approach Alias Resolution System (MAARS) process done
1b Enable execution of interactive real-time requests to run topology and reachability probes from user-specified Ark nodes to user-specified destinations ("topology-on-demand" demonstrated at CATCH-2009 conference) done

Task 2: Release MIDAR code for alias resolution

2a Release a simple stand-alone corroboration tool running on a single machine that can be used to confirm/refute a suspected alias set of a small size (< 200 addresses) done
2b Release software to support a full MIDAR run on a single machine that can be used to find aliases in a moderate size set of addresses (< 40 thousand) done
2c Release software to support a full MIDAR run using coordinated measurements on multiple machines as necessary to find aliases in a large set of addresses (>l 1 million) done

Task 3: Add router-level graph visualization to AS-rank web pages

3a Develop the necessary back-end database support
3b Create an informative and scalable visualization of routers belonging to a given AS augmented with annotations for ownership, geography, and peering attributes
3c Enable a graphic interface for users to suggest corrections of false topology inferences done
3d Prepare documentation describing the methodology and algorithms for AS ranking and annotations. done
3e Submit the methodology and algorithms for publication done
3f Develop, test, and implement methodology integrating users' feedback as ground truth data on AS relationship and router ownership inferences.

Milestones

Month Task 1
Improved topo map
Task 2
MIDAR release
Task 3
Router viz
July Evaluate new technique
August
September Release 2a Demo a prototype viz
October Prototype topo-on-demand
November Produce new ITDK Demo an annotated viz
December
January
February Web interface to TOD Graphic user interface
March Release 2b
April Release 2c

Deliverables

# Associated Task Deliverable Description Type Due date
1 Task 1 Functionality to execute topology measurements on-demand demo Dec 2011
2 Task 3 Visualization of router-level topology for a given AS demo Dec 2011
3 Task 2 MIDAR alias resolution code software Apr 2012
Published
Last Modified