Proceedings of the ACM Internet Measurement Conference最新文献_第3页

On Measuring RPKI Relying Parties 论RPKI依赖方的测度

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423622

J. Kristoff, R. Bush, Chris Kanich, G. Michaelson, A. Phokeer, T. Schmidt, Matthias Wählisch

引用次数: 14

Learning to Extract and Use ASNs in Hostnames 学习提取和使用主机名中的asn

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423639

M. Luckie, Alexander Marder, Marianne Fletcher, B. Huffaker, K. Claffy

引用次数: 6

Who's left behind?: Measuring Adoption of Application Updates at Scale 谁被落下了?:衡量大规模应用程序更新的采用情况

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423656

John P. Rula, P. Richter, Georgios Smaragdakis, A. Berger

{"title":"Who's left behind?: Measuring Adoption of Application Updates at Scale","authors":"John P. Rula, P. Richter, Georgios Smaragdakis, A. Berger","doi":"10.1145/3419394.3423656","DOIUrl":"https://doi.org/10.1145/3419394.3423656","url":null,"abstract":"This work presents a large-scale, longitudinal measurement study on the adoption of application updates, enabling continuous reporting of potentially vulnerable software populations worldwide. Studying the factors impacting software currentness, we investigate and discuss the impact of the platform and its updating strategies on software currentness, device lock-in effects, as well as user behavior. Utilizing HTTP User-Agent strings from end-hosts, we introduce techniques to extract application and operating system information from myriad structures, infer version release dates of applications, and measure population adoption, at a global scale. To deal with loosely structured User-Agent data, we develop a semi-supervised method that can reliably extract application and version information for some 87% of requests served by a major CDN every day. Using this methodology, we track release and adoption dynamics of some 35,000 applications. Analyzing over three years of CDN logs, we show that vendors' update strategies and platforms have a significant effect on the adoption of application updates. Our results show that, on some platforms, up to 25% of requests originate from hosts running application versions that are out-of-date by more than 100 days, and 16% more than 300 days. We find pronounced differences across geographical regions, and overall, less developed regions are more likely to have out-of-date software versions. Though, for every country, we find that at least 10% of requests reaching the CDN run software that is out-of-date by more than three months.","PeriodicalId":255324,"journal":{"name":"Proceedings of the ACM Internet Measurement Conference","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128535135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 5

Persistent Last-mile Congestion: Not so Uncommon 持续的最后一英里拥堵:并不罕见

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423648

Romain Fontugne, Anant Shah, Kenjiro Cho

引用次数: 21

Turning Up the Dial: the Evolution of a Cybercrime Market Through Set-up, Stable, and Covid-19 Eras 打开拨号:网络犯罪市场在建立、稳定和Covid-19时代的演变

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423636

A. V. Vu, Jack Hughes, Ildiko Pete, Ben Collier, Y. Chua, Ilia Shumailov, Alice Hutchings

{"title":"Turning Up the Dial: the Evolution of a Cybercrime Market Through Set-up, Stable, and Covid-19 Eras","authors":"A. V. Vu, Jack Hughes, Ildiko Pete, Ben Collier, Y. Chua, Ilia Shumailov, Alice Hutchings","doi":"10.1145/3419394.3423636","DOIUrl":"https://doi.org/10.1145/3419394.3423636","url":null,"abstract":"Trust and reputation play a core role in underground cybercrime markets, where participants are anonymous and there is little legal recourse for dispute arbitration. These underground markets exist in tension between two opposing forces: the drive to hide incriminating information, and the trust and stability benefits that greater openness yields. Revealing information about transactions to mitigate scams also provides valuable data about the market. We analyse the first dataset, of which we are aware, about the transactions created and completed on a well-known and high-traffic underground marketplace, Hack Forums, along with the associated threads and posts made by its users over two recent years, from June 2018 to June 2020. We use statistical modelling approaches to analyse the economic and social characteristics of the market over three eras, especially its performance as an infrastructure for trust. In the Set-up era, we observe the growth of users making only one transaction, as well as 'power-users' who make many transactions. In the Stable era, we observe a wide range of activities (including large-scale transfers of intermediate currencies such as Amazon Giftcards) which declines slowly from an initial peak. Finally, we analyse the effects of the Covid-19 pandemic, concluding that while we see a significant increase in transactins across all categories, this reflects a stimulus of the market, rather than a transformation. New users overcome the 'cold start' problem by engaging in low-level currency exchanges to prove their trustworthiness. We observe currency exchange accounts for most contracts, and Bitcoin and PayPal are the preferred payment methods by trading values and number of contracts involved. The market is becoming more centralised over time around influential users and threads, with significant changes observed during the Set-up and Covid-19 eras.","PeriodicalId":255324,"journal":{"name":"Proceedings of the ACM Internet Measurement Conference","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115261884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 38

Reduce, Reuse, Recycle: Repurposing Existing Measurements to Identify Stale Traceroutes 减少、重用、再循环:重新利用现有的度量来识别过时的跟踪路由

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423654

V. Giotsas, T. Koch, E. Fazzion, Ítalo F. S. Cunha, Matt Calder, H. Madhyastha, Ethan Katz-Bassett

{"title":"Reduce, Reuse, Recycle: Repurposing Existing Measurements to Identify Stale Traceroutes","authors":"V. Giotsas, T. Koch, E. Fazzion, Ítalo F. S. Cunha, Matt Calder, H. Madhyastha, Ethan Katz-Bassett","doi":"10.1145/3419394.3423654","DOIUrl":"https://doi.org/10.1145/3419394.3423654","url":null,"abstract":"Many systems rely on traceroutes to monitor or characterize the Internet. The quality of the systems' inferences depends on the completeness and freshness of the traceroutes, but the refreshing of traceroutes is constrained by limited resources at vantage points. Previous approaches predict which traceroutes are likely out-of-date in order to allocate measurements, or monitor BGP feeds for changes that overlap traceroutes. Both approaches miss many path changes for reasons including the difficulty in predicting changes and the coarse granularity of BGP paths. This paper presents techniques to identify out-of-date traceroutes without issuing any measurements, even if a change is not visible at BGP granularity. We base our techniques on two observations. First, although BGP updates encode routes at AS granularity, routers issue updates when they change intra-domain routes or peering points within the same AS path. Second, route changes correlate across paths, and many publicly available traceroutes exist. Our techniques maintain an atlas of traceroutes by monitoring BGP updates and publicly available traceroutes for signals to mark overlapping atlas traceroutes as stale. We focus our analysis of traceroute path changes at the granularity of border router IPs which provides an abstraction finer than AS- or PoP-level but is not affected by the periodicity of intra-domain load balancers. Our evaluation indicates that 80% of the traceroutes that our techniques signal as stale have indeed changed, even though the AS hops remained the same. Our techniques combine to identify 79% of all border IP changes, without issuing a single online measurement.","PeriodicalId":255324,"journal":{"name":"Proceedings of the ACM Internet Measurement Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125408643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 9

Five Alarms: Assessing the Vulnerability of US Cellular Communication Infrastructure to Wildfires 五个警报:评估美国蜂窝通信基础设施对野火的脆弱性

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423663

S. Anderson, C. Barford, P. Barford

{"title":"Five Alarms: Assessing the Vulnerability of US Cellular Communication Infrastructure to Wildfires","authors":"S. Anderson, C. Barford, P. Barford","doi":"10.1145/3419394.3423663","DOIUrl":"https://doi.org/10.1145/3419394.3423663","url":null,"abstract":"Natural disasters can wreak havoc on Internet infrastructure. Short term impacts include impediments to first responders and long term impacts include requirements to repair or replace damaged physical components. In this paper, we present an analysis of the vulnerability of cellular communication infrastructure in the US to one type of natural disaster - wildfires. Three data sets are the basis for our study: historical wildfire records, wildfire risk projections, and cellular infrastructure deployment. We utilize the geographic features in each data set to assess the spatial overlap between historical wildfires and cellular infrastructure and to analyze current vulnerability. We find wide variability in the number of cell transceivers that were within wildfire perimeters over the past 18 years. In a focused analysis of the California wildfires of 2019, we find that the primary risk to cellular communication is power outage rather than cellular equipment damage. Our analysis of future risk based on wildfire hazard potential identifies California, Florida and Texas as the three states with the largest number of cell transceivers at risk. Importantly, we find that many of the areas at high risk are quite close to urban population centers, thus outages could have serious impacts on a large number of cell users. We believe that our study has important implications for governmental communication assurance efforts and for risk planning by cell infrastructure owners and service providers.","PeriodicalId":255324,"journal":{"name":"Proceedings of the ACM Internet Measurement Conference","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130214318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 7

Uncharted Networks: A First Measurement Study of the Bulk Power System 未知网络:大容量电力系统的首次测量研究

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423630

Kelvin Mai, Xi Qin, Neil Ortiz Silva, J. Molina, A. Cárdenas

引用次数: 4

Identifying Sensitive URLs at Web-Scale 在web级识别敏感url

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423653

S. Matic, Costas Iordanou, Georgios Smaragdakis, Nikolaos Laoutaris

{"title":"Identifying Sensitive URLs at Web-Scale","authors":"S. Matic, Costas Iordanou, Georgios Smaragdakis, Nikolaos Laoutaris","doi":"10.1145/3419394.3423653","DOIUrl":"https://doi.org/10.1145/3419394.3423653","url":null,"abstract":"Several data protection laws include special provisions for protecting personal data relating to religion, health, sexual orientation, and other sensitive categories. Having a well-defined list of sensitive categories is sufficient for filing complaints manually, conducting investigations, and prosecuting cases in courts of law. Data protection laws, however, do not define explicitly what type of content falls under each sensitive category. Therefore, it is unclear how to implement proactive measures such as informing users, blocking trackers, and filing complaints automatically when users visit sensitive domains. To empower such use cases we turn to the Curlie.org crowdsourced taxonomy project for drawing training data to build a text classifier for sensitive URLs. We demonstrate that our classifier can identify sensitive URLs with accuracy above 88%, and even recognize specific sensitive categories with accuracy above 90%. We then use our classifier to search for sensitive URLs in a corpus of 1 Billion URLs collected by the Common Crawl project. We identify more than 155 millions sensitive URLs in more than 4 million domains. Despite their sensitive nature, more than 30% of these URLs belong to domains that fail to use HTTPS. Also, in sensitive web pages with third-party cookies, 87% of the third-parties set at least one persistent cookie.","PeriodicalId":255324,"journal":{"name":"Proceedings of the ACM Internet Measurement Conference","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114855602","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 15

Analyzing Third Party Service Dependencies in Modern Web Services: Have We Learned from the Mirai-Dyn Incident? 分析现代Web服务中的第三方服务依赖:我们是否从Mirai-Dyn事件中学到了什么?

Proceedings of the ACM Internet Measurement Conference Pub Date : 2020-10-27 DOI: 10.1145/3419394.3423664

Aqsa Kashaf, V. Sekar, Yuvraj Agarwal

{"title":"Analyzing Third Party Service Dependencies in Modern Web Services: Have We Learned from the Mirai-Dyn Incident?","authors":"Aqsa Kashaf, V. Sekar, Yuvraj Agarwal","doi":"10.1145/3419394.3423664","DOIUrl":"https://doi.org/10.1145/3419394.3423664","url":null,"abstract":"Many websites rely on third parties for services (e.g., DNS, CDN, etc.). However, it also exposes them to shared risks from attacks (e.g., Mirai DDoS attack [24]) or cascading failures (e.g., GlobalSign revocation error [21]). Motivated by such incidents, we analyze the prevalence and impact of third-party dependencies, focusing on three critical infrastructure services: DNS, CDN, and certificate revocation checking by CA. We analyze both direct (e.g., Twitter uses Dyn) and indirect (e.g., Netflix uses Symantec as CA which uses Verisign for DNS) dependencies. We also take two snapshots in 2016 and 2020 to understand how the dependencies evolved. Our key findings are: (1) 89% of the Alexa top-100K websites critically depend on third-party DNS, CDN, or CA providers i.e., if these providers go down, these websites could suffer service disruption; (2) the use of third-party services is concentrated, and the top-3 providers of CDN, DNS, or CA services can affect 50%-70% of the top-100K websites; (3) indirect dependencies amplify the impact of popular CDN and DNS providers by up to 25X; and (4) some third-party dependencies and concentration increased marginally between 2016 to 2020. Based on our findings, we derive key implications for different stakeholders in the web ecosystem.","PeriodicalId":255324,"journal":{"name":"Proceedings of the ACM Internet Measurement Conference","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122073651","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 30