发布求助
文献互助 智能选刊 最新文献

Proceedings of the 2013 conference on Internet measurement conference最新文献

筛选
英文 中文
Demystifying the dark side of the middle: a field study of middlebox failures in datacenters 揭开中间的黑暗面:对数据中心中间箱故障的实地研究
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504737
Rahul Potharaju, Navendu Jain
{"title":"Demystifying the dark side of the middle: a field study of middlebox failures in datacenters","authors":"Rahul Potharaju, Navendu Jain","doi":"10.1145/2504730.2504737","DOIUrl":"https://doi.org/10.1145/2504730.2504737","url":null,"abstract":"Network appliances or middleboxes such as firewalls, intrusion detection and prevention systems (IDPS), load balancers, and VPNs form an integral part of datacenters and enterprise networks. Realizing their importance and shortcomings, the research community has proposed software implementations, policy-aware switching, consolidation appliances, moving middlebox processing to VMs, end hosts, and even offloading it to the cloud. While such efforts can use middlebox failure characteristics to improve their reliability, management, and cost-effectiveness, little has been reported on these failures in the field. In this paper, we make one of the first attempts to perform a large-scale empirical study of middlebox failures over two years in a service provider network comprising thousands of middleboxes across tens of datacenters. We find that middlebox failures are prevalent and they can significantly impact hosted services. Several of our findings differ in key aspects from commonly held views: (1) Most failures are grey dominated by connectivity errors and link flaps that exhibit intermittent connectivity, (2) Hardware faults and overload problems are present but they are not in majority, (3) Middleboxes experience a variety of misconfigurations such as incorrect rules, VLAN misallocation and mismatched keys, and (4) Middlebox failover is ineffective in about 33% of the cases for load balancers and firewalls due to configuration bugs, faulty failovers and software version mismatch. Finally, we analyze current middlebox proposals based on our study and discuss directions for future research.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128285283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 137
AS relationships, customer cones, and validation AS关系、客户锥和验证
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504735
M. Luckie, B. Huffaker, A. Dhamdhere, V. Giotsas, K. Claffy
{"title":"AS relationships, customer cones, and validation","authors":"M. Luckie, B. Huffaker, A. Dhamdhere, V. Giotsas, K. Claffy","doi":"10.1145/2504730.2504735","DOIUrl":"https://doi.org/10.1145/2504730.2504735","url":null,"abstract":"Business relationships between ASes in the Internet are typically confidential, yet knowledge of them is essential to understand many aspects of Internet structure, performance, dynamics, and evolution. We present a new algorithm to infer these relationships using BGP paths. Unlike previous approaches, our algorithm does not assume the presence (or seek to maximize the number) of valley-free paths, instead relying on three assumptions about the Internet's inter-domain structure: (1) an AS enters into a provider relationship to become globally reachable; and (2) there exists a peering clique of ASes at the top of the hierarchy, and (3) there is no cycle of p2c links. We assemble the largest source of validation data for AS-relationship inferences to date, validating 34.6% of our 126,082 c2p and p2p inferences to be 99.6% and 98.7% accurate, respectively. Using these inferred relationships, we evaluate three algorithms for inferring each AS's customer cone, defined as the set of ASes an AS can reach using customer links. We demonstrate the utility of our algorithms for studying the rise and fall of large transit providers over the last fifteen years, including recent claims about the flattening of the AS-level topology and the decreasing influence of tier-1 ASes on the global Internet.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128335150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 262
Scap: stream-oriented network traffic capture and analysis for high-speed networks Scap:用于高速网络的面向流的网络流量捕获和分析
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504750
A. Papadogiannakis, M. Polychronakis, E. Markatos
{"title":"Scap: stream-oriented network traffic capture and analysis for high-speed networks","authors":"A. Papadogiannakis, M. Polychronakis, E. Markatos","doi":"10.1145/2504730.2504750","DOIUrl":"https://doi.org/10.1145/2504730.2504750","url":null,"abstract":"Many network monitoring applications must analyze traffic beyond the network layer to allow for connection-oriented analysis, and achieve resilience to evasion attempts based on TCP segmentation. However, existing network traffic capture frameworks provide applications with just raw packets, and leave complex operations like flow tracking and TCP stream reassembly to application developers. This gap leads to increased application complexity, longer development time, and most importantly, reduced performance due to excessive data copies between the packet capture subsystem and the stream processing module. This paper presents the Stream capture library (Scap), a network monitoring framework built from the ground up for stream-oriented traffic processing. Based on a kernel module that directly handles flow tracking and TCP stream reassembly, Scap delivers to user-level applications flow-level statistics and reassembled streams by minimizing data movement operations and discarding uninteresting traffic at early stages, while it inherently supports parallel processing on multi-core architectures, and uses advanced capabilities of modern network cards. Our experimental evaluation shows that Scap can capture all streams for traffic rates two times higher than other stream reassembly libraries, and can process more than five times higher traffic loads when eight cores are used for parallel stream processing in a pattern matching application.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129349531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Understanding the super-sized traffic of the super bowl 了解超级碗的超大流量
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504770
Jeffrey Erman, Kadangode K. Ramakrishnan
{"title":"Understanding the super-sized traffic of the super bowl","authors":"Jeffrey Erman, Kadangode K. Ramakrishnan","doi":"10.1145/2504730.2504770","DOIUrl":"https://doi.org/10.1145/2504730.2504770","url":null,"abstract":"Large events like the Super Bowl, where almost 75K attendees congegrate for several hours, poses a significant challenge in the planning, design and deployment of wireless networks. This was one of the first events where the LTE cellular network was available widely, in addition to almost 700 WiFi free hotspots. The Super Bowl in 2013 was also unprecedented because of a stadium-wide power outage for over half an hour. This study is the first to look in-depth at the user behaviours and traffic demand of a large ISP's celluar network at such an unique event. The findings of this study can be used to guide the design of the communication networks of large venues in the future. There are several key insights from our study of the data collected. First, LTE speeds enable subscribers at venues to stream high-quality video and this can be a signficant source of traffic. Second, the configuration of the uplink for such events is key, and a thoughtful approach to the design of applications that use the cloud for storing user data can substantially mitigate the congestion on the resource constrained uplink. Further, while it is tempting to take advantage of multicast on the cellular network (e.g., deploying technologies such as eMBMS in a venue), our results indicate that there is a need to combine multicast with caching to remove the strict requirement of overlap of requests from users to derive that benefit.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"04 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127267961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 85
From Paris to Tokyo: on the suitability of ping to measure latency 从巴黎到东京:关于ping测量延迟的适用性
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504765
C. Pelsser, L. Cittadini, Stefano Vissicchio, R. Bush
{"title":"From Paris to Tokyo: on the suitability of ping to measure latency","authors":"C. Pelsser, L. Cittadini, Stefano Vissicchio, R. Bush","doi":"10.1145/2504730.2504765","DOIUrl":"https://doi.org/10.1145/2504730.2504765","url":null,"abstract":"Monitoring Internet performance and measuring user quality of experience are drawing increased attention from both research and industry. To match this interest, large-scale measurement infrastructures have been constructed. We believe that this effort must be combined with a critical review and calibrarion of the tools being used to measure performance. In this paper, we analyze the suitability of ping for delay measurement. By performing several experiments on different source and destination pairs, we found cases in which ping gave very poor estimates of delay and jitter as they might be experienced by an application. In those cases, delay was heavily dependent on the flow identifier, even if only one IP path was used. For accurate delay measurement we propose to replace the ping tool with an adaptation of paris-traceroute which supports delay and jitter estimation, without being biased by per-flow network load balancing.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123349005","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 73
Network fingerprinting: TTL-based router signatures 网络指纹:基于http协议的路由器签名
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504761
Yves Vanaubel, Jean-Jacques Pansiot, P. Mérindol, B. Donnet
{"title":"Network fingerprinting: TTL-based router signatures","authors":"Yves Vanaubel, Jean-Jacques Pansiot, P. Mérindol, B. Donnet","doi":"10.1145/2504730.2504761","DOIUrl":"https://doi.org/10.1145/2504730.2504761","url":null,"abstract":"Fingerprinting networking equipment has many potential applications and benefits in network management and security. More generally, it is useful for the understanding of network structures and their behaviors. In this paper, we describe a simple fingerprinting mechanism based on the initial TTL values used by routers to reply to various probing messages. We show that main classes obtained using this simple mechanism are meaningful to distinguish routers platforms. Besides, it comes at a very low additional cost compared to standard active topology discovery measurements. As a proof of concept, we apply our method to gain more insight on the behavior of MPLS routers and to, thus, more accurately quantify their visible/invisible deployment.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"84 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122602911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 42
A method for identifying and confirming the use of URL filtering products for censorship 一种识别和确认使用URL过滤产品进行审查的方法
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504763
Jakub Dalek, Bennett Haselton, Helmi Noman, A. Senft, Masashi Crete-Nishihata, Phillipa Gill, Ronald J. Deibert
{"title":"A method for identifying and confirming the use of URL filtering products for censorship","authors":"Jakub Dalek, Bennett Haselton, Helmi Noman, A. Senft, Masashi Crete-Nishihata, Phillipa Gill, Ronald J. Deibert","doi":"10.1145/2504730.2504763","DOIUrl":"https://doi.org/10.1145/2504730.2504763","url":null,"abstract":"Products used for managing network traffic and restricting access to Web content represent a dual-use technology. While they were designed to improve performance and protect users from inappropriate content, these products are also used to censor the Web by authoritarian regimes around the globe. This dual use has not gone unnoticed, with Western governments placing restrictions on their export. Our contribution is to present methods for identifying installations of URL filtering products and confirming their use for censorship. We first present a methodology for identifying externally visible installations of URL filtering products in ISPs around the globe. Further, we leverage the fact that many of these products accept user-submitted sites for blocking to confirm that a specific URL filtering product is being used for censorship. Using this method, we are able to confirm the use of McAfee SmartFilter in Saudi Arabia and the United Arab Emirates (UAE) and Netsweeper in Qatar, the UAE, and Yemen. Our results show that these products are being used to block a range of content, including oppositional political speech, religious discussion and gay and lesbian material, speech generally protected by international human rights norms.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124958419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 45
A fistful of bitcoins: characterizing payments among men with no names 一把比特币:匿名男子之间的支付特征
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504747
S. Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, G. Voelker, S. Savage
{"title":"A fistful of bitcoins: characterizing payments among men with no names","authors":"S. Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, G. Voelker, S. Savage","doi":"10.1145/2504730.2504747","DOIUrl":"https://doi.org/10.1145/2504730.2504747","url":null,"abstract":"Bitcoin is a purely online virtual currency, unbacked by either physical commodities or sovereign obligation; instead, it relies on a combination of cryptographic protection and a peer-to-peer protocol for witnessing settlements. Consequently, Bitcoin has the unintuitive property that while the ownership of money is implicitly anonymous, its flow is globally visible. In this paper we explore this unique characteristic further, using heuristic clustering to group Bitcoin wallets based on evidence of shared authority, and then using re-identification attacks (i.e., empirical purchasing of goods and services) to classify the operators of those clusters. From this analysis, we characterize longitudinal changes in the Bitcoin market, the stresses these changes are placing on the system, and the challenges for those seeking to use Bitcoin for criminal or fraudulent purposes at scale.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121273290","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 361
Next stop, the cloud: understanding modern web service deployment in EC2 and azure 下一站,云:了解在EC2和azure中的现代web服务部署
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504740
Keqiang He, Alexis Fisher, Liang Wang, Aaron Gember, Aditya Akella, T. Ristenpart
{"title":"Next stop, the cloud: understanding modern web service deployment in EC2 and azure","authors":"Keqiang He, Alexis Fisher, Liang Wang, Aaron Gember, Aditya Akella, T. Ristenpart","doi":"10.1145/2504730.2504740","DOIUrl":"https://doi.org/10.1145/2504730.2504740","url":null,"abstract":"An increasingly large fraction of Internet services are hosted on a cloud computing system such as Amazon EC2 or Windows Azure. But to date, no in-depth studies about cloud usage by Internet services has been performed. We provide a detailed measurement study to shed light on how modern web service deployments use the cloud and to identify ways in which cloud-using services might improve these deployments. Our results show that: 4% of the Alexa top million use EC2/Azure; there exist several common deployment patterns for cloud-using web service front ends; and services can significantly improve their wide-area performance and failure tolerance by making better use of existing regional diversity in EC2. Driving these analyses are several new datasets, including one with over 34 million DNS records for Alexa websites and a packet capture from a large university network.","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125294583","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 93
AS-level topology collection through looking glass servers 通过镜像服务器收集应用服务器级拓扑
Proceedings of the 2013 conference on Internet measurement conference Pub Date : 2013-10-23 DOI: 10.1145/2504730.2504758
Akmal Khan, Taekyoung Kwon, Hyunchul Kim, Yanghee Choi
{"title":"AS-level topology collection through looking glass servers","authors":"Akmal Khan, Taekyoung Kwon, Hyunchul Kim, Yanghee Choi","doi":"10.1145/2504730.2504758","DOIUrl":"https://doi.org/10.1145/2504730.2504758","url":null,"abstract":"While accurate and complete modeling of the Internet topology at the Autonomous System (AS) level is critical for future protocol design, performance evaluation, simulation and analysis, still it remains a challenge to construct its accurate representation. In this paper, we collect BGP route announcements of ASes from Looking glass (LG) servers. By querying LG servers, we build an AS topology estimate of around 116 K AS links, from which we discover 11 K new AS links and 686 new ASes. We conclude that collecting BGP traces from LG servers can help enhance the current view of the AS topology from the BGP collector projects (e.g., RouteViews).","PeriodicalId":155913,"journal":{"name":"Proceedings of the 2013 conference on Internet measurement conference","volume":"130 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121458479","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 37
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信