The contents of this legacy page are no longer maintained nor supported, and are made available only for historical purposes.

CAIDA's Cybersecurity Project

CAIDA researchers are developing novel Internet mapping technologies that will improve our ability to identify, monitor, and model critical cyberinfrastructure.


An updated two-pager Cybersecurity project infosheet was created in 2016 as a follow up to an earlier request from DHS, when we prepared a one-page overview of the Cybersecurity Project in mid-2015.

Global Cybersecurity challenges

Today "cyber threat" is one of the most serious economic and national security challenges we face as a nation. As the Internet has become an indispensable resource and a norm of everyday life for millions of people, America's economic prosperity in the 21st century crucially depends upon Cybersecurity. Yet thorough understanding of the structure, dynamics, and vulnerabilities of the global Internet is lacking. Versatile measurement infrastructures, reliable, representative, high quality Internet data sets, and advanced analysis tools are scarce and rarely available to researchers and developers.

Cartographic Capabilities for Critical Cyberinfrastructure

This project integrates strategic Internet measurement and data analysis capabilities to deliver annotated Internet topology maps that advance our ability to identify, monitor, and model critical cyber infrastructure.

Dedicated measurement infrastructure

CAIDA designed and deployed a measurement architecture Archipelago (Ark) for conducting ongoing and on-demand Internet measurements. Ark monitors (120 and growing) are distributed all over the world.

The monitors collect connectivity and latency data for a wide cross-section of the commodity Internet .We use these data to derive maps of the Internet at various granularity levels: IP, router, and Autonomous Systems (AS).

Increased completeness, accuracy, and richness of topology maps

CAIDA researchers are developing new techniques to collect, analyze, and process Internet measurement data. Our flagship product is the Internet Topology Data Kits (ITDK), regularly produced and distributed to network and security researchers and analysts. ITDKs contain richly annotated topology maps of the observable Internet at multiple granularity levels, providing a more detailed and validated topological view than has been previously available.

This project has also delivered techniques for more accurate geolocation of IP addresses, detecting anomalies in traceroute data, inference of business relationships and ranking of Internet Service Providers (ISP), novel visualizations of Internet topology, and IPv6 topology maps.

Improved security and situational awareness

Results of this project enable empirical research of critical cyberinfrastructure and deepen our insight into the structure, behavior, and evolution of the global Internet. CAIDA researchers continue to increase the number of Ark vantage points (global monitors), refine measurement methods, and improve analysis and inference algorithms.

Performers, partners, and stakeholders

All data curation, processing and analysis activities are conducted at the University of California, San Diego. We rely on volunteer individuals and organizations hosting our Ark monitors at multiple locations around the globe. We manage hundreds of accounts for commercial, government (DHS, DoD, FCC, NSA), and academic network and security researchers who download our datasets.

Funding support

Department of Homeland Security (DHS) National Science Foundation (NSF)

Support for the Cybersecurity project is provided by the Department of Homeland Security (DHS) contract N66001-08-C-2029 Cartographic Capabilities for Critical Cyberinfrastructure and the National Science Foundation (NSF) grant CNS-1513283 Internet Laboratory for Empirical Network Science: Next Phase. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DHS, NSF, or the U.S. Government.

Additional Content

CAIDA Recommendations for the next generation of Internet topology measurement platforms

This page provides recommendations for designing and operating the next generation of Internet topology measurement platforms.

CAIDA's Geolocation Tools Comparison

In 2010 CAIDA sought to conduct a comparison survey of geolocation tools for determining the location of an IP address and to evaluate the reliability of such tools. Through this process, we intend to increase awareness of Internet topology structure, behavior, and vulnerabilities.

Last Modified