Cybersecurity: Leveraging the Science and Technology of Internet Mapping for Homeland Security (2011-2012)
The CAIDA Cybersecurity Project "Leveraging the Science and Technology of Internet Mapping for Homeland Security" (contract N66001-08-C-2029 with the DHS Science and Technology Directorate) started in March 2008, and received supplemental funding in July 2011.
Principal Investigator: kc claffy
Funding source: DHS N66001-08-C-2029 Period of performance: March 21, 2008 - June 30, 2012.
Statement of Work
Funded by the DHS Science and Technology Directorate, contract N66001-08-C-2029, we have delivered the most comprehensive Internet router-level and AS-level Internet topology data sets ever made available to researchers and government agencies. The data are richly annotated with AS business relationships, size, and geography-related attributes. We have also deployed a new Internet topology data acquisition infrastructure available to vetted researchers for macroscopic Internet measurement projects relevant to DHS's cybersecurity R&D needs.
In the three years since the original proposal, the scope of the problem has expanded sufficiently to warrant additional work on the measurement and supporting analysis tools to stay current with the state-of-the-art technology in the field, to facilitate transfer of the technologies developed to other public and private sectors, and to improve utility and accessibility of the resulting data. We propose to accomplish the following additional tasks, which increase the functionality, accuracy, and usability of the tools and data developed and provided under the terms of the current project. Each task further advances DHS capabilities to meet public and private sector needs to understand and protect essential U.S. information infrastructure.
Task 1: Improve traceroute-based Internet topology mapping methodology
|1a||Evaluate a new alias resolution technique based on IP pre-specified timestamps (developed at the University of Washington, presented at IMC2010) as part of our Multi-Approach Alias Resolution System (MAARS) process||done|
|1b||Enable execution of interactive real-time requests to run topology and reachability probes from user-specified Ark nodes to user-specified destinations ("topology-on-demand" demonstrated at CATCH-2009 conference)||done|
Task 2: Release MIDAR code for alias resolution
|2a||Release a simple stand-alone corroboration tool running on a single machine that can be used to confirm/refute a suspected alias set of a small size (< 200 addresses)||done|
|2b||Release software to support a full MIDAR run on a single machine that can be used to find aliases in a moderate size set of addresses (< 40 thousand)||done|
|2c||Release software to support a full MIDAR run using coordinated measurements on multiple machines as necessary to find aliases in a large set of addresses (>l 1 million)||done|
Task 3: Add router-level graph visualization to AS-rank web pages
|3a||Develop the necessary back-end database support|
|3b||Create an informative and scalable visualization of routers belonging to a given AS augmented with annotations for ownership, geography, and peering attributes|
|3c||Enable a graphic interface for users to suggest corrections of false topology inferences||done|
|3d||Prepare documentation describing the methodology and algorithms for AS ranking and annotations.||done|
|3e||Submit the methodology and algorithms for publication||done|
|3f||Develop, test, and implement methodology integrating users' feedback as ground truth data on AS relationship and router ownership inferences.|
Improved topo map
|July||Evaluate new technique|
|September||Release 2a||Demo a prototype viz|
|November||Produce new ITDK||Demo an annotated viz|
|February||Web interface to TOD||Graphic user interface|
|#||Associated Task||Deliverable Description||Type||Due date|
|1||Task 1||Functionality to execute topology measurements on-demand||demo||Dec 2011|
|2||Task 3||Visualization of router-level topology for a given AS||demo||Dec 2011|
|3||Task 2||MIDAR alias resolution code||software||Apr 2012|