We propose to explore the feasibility of codifying an Open Knowledge Network (OKN) about properties of the Internet identifier system - the domain names and addresses that represent communication entities - and the rich structural relationships among these entities.
Funding source: NSF C-ACCEL OIA-1937165. Period of performance: September 1, 2019 - May 31, 2020.
As the Internet has become critical infrastructure, society has grown increasingly exposed to the fundamental security weaknesses embedded in the underlying TCP/IP architecture, as well as new vulnerabilities, some of which are rooted in the competitive landscape itself. Despite herculean efforts across industry, government, NGOs, and academia, we still lack an understanding of the effectiveness of risk-mitigating efforts, or to what extent such defenses have been deployed. The epistemological gap extends beyond security to our fundamental understanding of the Internet's structure and evolution, and how to think about public policy in this space. Although data sources exist, their volume, complexity, and disparate formats render knowledge elusive, and where it emerges, often proprietary.
We propose to explore the feasibility of codifying an Open Knowledge Network (OKN) about properties of the Internet identifier system - the domain names and addresses that represent communication entities - and the rich structural relationships among these entities. We envision a system that allows targeted queries against this information, interactive analysis of baseline and anomalous structure and trends, and access to an interdisciplinary community of experts that can help explain legal and public policy implications of empirical results.
We structure this Phase 1 project in two tasks. Task 1, the central focus, is a team-building effort, led by initial partners with a strong history of navigating the interdisciplinary challenges of Internet mapping research, including commercial and privacy sensitivities, especially regarding evidence of vulnerabilities or harms to businesses, consumers, and the infrastructure itself.
Task 2 leverages the set of use cases prioritized by the emerging team to undertake the design and prototyping necessary to explore the technical feasibility of the proposed OKN. We will develop a commercial-cloud-based prototype of subsets of our ongoing data collections, to evaluate the efficiency and effectiveness of commercial cloud services as back end infrastructure, and to estimate development effort required to support specific use cases.
| Task 1: Build Team and Define Open Knowledge Network (OKN): People, Principles, Purpose |
| 1.1 | Host a workshop including training and cross-cohort collaboration | Dec 2019 |
| 1.2 | Host a second workshop including training and implementation | Feb 2020 |
| 1.3 | Refine plan for proposed KISMET architecture | --- |
| Task 2: Design KISMET prototype: Patterns, Protocols, Production |
| 2.1 | Conceptualize and construct a heavily annotated map of the DNS cartography namespace | --- |
| 2.2 | Design a knowledge graph representation of the DNS cartography space | --- |
| 2.3 | Superimpose the DNS resolution topology knowledge graph over an underlying AS-level topology knowledge graph | --- |
| 2.4 | Modify CAIDA scamper tool to use Route Views collectors as vantage points for traceroutes into all the neighbors peering with the collector | --- |
| 2.5 | Study trends in concentration of address space ownership | --- |
| 2.6 | Seek correlations of IP and DNS data and connectivity structure with blacklist and spoofing data to infer properties that seem to hinder or promote cybersecurity preparedness | --- |
| 2.7 | Establish scientific framework for assessing the integrity of blacklists | --- |