cheleby
play

Cheleby: Subnet Level Internet Topology Mehmet Hadi Gunes with Hakan - PowerPoint PPT Presentation

Oct 05, 2023 •318 likes •614 views

Cheleby: Subnet Level Internet Topology Mehmet Hadi Gunes with Hakan Kardes and Mehmet B. Akgun Department of Computer Science and Engineering University of Nevada, Reno Subnet Resolution A B C D genuine topology A B A B C D C D

  1. Cheleby: Subnet ‐ Level Internet Topology Mehmet Hadi Gunes with Hakan Kardes and Mehmet B. Akgun Department of Computer Science and Engineering University of Nevada, Reno

  2. Subnet Resolution A B C D genuine topology A B A B C D C D observed topology inferred topology 2 Cheleby: Subnet-Level Internet Topology

  3. [Observed] Degree vs. [Actual] Interfaces Degree : the number of one hop neighbors Interface : the number of links the system is attached to A B A B C D D C X X Y Z Z Y 8 8 Degree Distribution Interface Distribution 6 6 4 4 2 2 0 0 0 2 4 6 0 2 4 6 3 Cheleby: Subnet-Level Internet Topology

  4. Hyper Graphs • Networks modeled as graphs G=(V,E) • Hyper graphs: H= (X,E) can accurately model multi ‐ access links – also, bipartite (2 ‐ mode) graphs 4 2 2 3 3 2 2 1 1 2 4 Cheleby: Subnet-Level Internet Topology

  5. Cheleby System Overview PlanetLab Vantage Points Traces • x -  - L.2 - S.2 - y • x -  - A.1 - W.1 -  - z Structural • y - S.1 - L.1 -  - x Initial Pruner Raw Data Graph Indexer • y - S.1 – U.1 -  - C.1 -  - z (IP) • z -  - C.2 -  -  - x (SGI) • z -  - C.2 -  - U.2 - S.3 - y SubNet Inferrer (SNI) S U K C N z Analytical IP Alias Graph Based Network Topology L H A W Resolver v2 y Induction (GBI) (APARv2), iffinder x http://cheleby.cse.unr.edu 5 Cheleby: Subnet-Level Internet Topology

  6. Round Trip Time Analysis 1 0.9 IPs Observed Unresponsive 0.8 Hops (Trailing 213,303,135 17,537,018 *’s filtered) 0.7 92.40% 7.60% CDF of IP addresses 0.6 0.5 0.4 0.3 0.2 0.1 0 1 44 87 130 173 216 259 302 345 388 431 474 517 560 603 646 689 732 775 818 861 904 947 990 1033 1076 1119 1162 1205 1248 1291 1334 1377 1420 1463 1506 1549 1592 1635 Round Trip Time (in msec) 6 Cheleby: Subnet-Level Internet Topology

  7. Unresponsive Routers • Responsiveness to Direct Probes • Responsiveness to Indirect Probes 7 Cheleby: Subnet-Level Internet Topology

  8. Team Analysis 8 Cheleby: Subnet-Level Internet Topology

  9. Resolution results • Alias Resolution • Subnet Inference 9 Cheleby: Subnet-Level Internet Topology

  10. Degree Distribution • Exponents : ‐ 2.17, ‐ 2.02, ‐ 1.92, respectively 10 Cheleby: Subnet-Level Internet Topology

  11. Interface Distribution • Exponents : ‐ 2.71, ‐ 2.69, ‐ 2.74, respectively 11 Cheleby: Subnet-Level Internet Topology

  12. Subnet Distribution Nodes in Subnets • Exponents : ‐ 3.42, 3.62, respectively 12 Cheleby: Subnet-Level Internet Topology

  13. Synthetic Topology Generation Network Size Generate  ID Generate Nodes Subnets  SD Calculate Degree Satisfies Subnet & Heterogeneous Distribution Interface Swap based on  DD Distributions !!! no Final Match ? yes Topology 13 Cheleby: Subnet-Level Internet Topology

  14. Connectivity Analysis Relation between Interface Distribution and Number of Subnets • Single connected component is feasible only when • connectivity parameter <1 Feasible Region 14 Cheleby: Subnet-Level Internet Topology

  15. Subnet Distribution: ExploreNET 1 100000 0.1 10000 0.01 CCDF 0.001 1000 0.0001 [10 to 250] -1.09 0.00001 100 1 10 100 1000 10000 10 1 1 10 100 1000 10000 Number of Nodes in Subnets Estimating Network Layer Subnet Characteristics via Statistical Sampling , M. Engin Tozal and Kamil Sarac, IFIP/TC6 Networking, Prague, Czech Republic, May’12 15 Cheleby: Subnet-Level Internet Topology

  16. TraceNET Traceroute Path Source Destination Source Destination TraceNET Path TraceNET: An Internet Topology Data Collector , M. Engin Tozal and Kamil Sarac, ACM Internet Measurement Conference, Melbourne, Australia, November 2010

  17. Work in Progress AS 1 VP AS of Interest VP Alias Resolution VP AS 4 Subnet VP Resolution AS 2 VP VP VP AS 3 Per Destination load balancers ? 17 Cheleby: Subnet-Level Internet Topology

  18. Network Traffic Analysis with Bing Li, Jeff Springer, George Bebis

  19. Design Goals • Real time network query – near real time measurement and analysis • Distributed system for – data collecting, storing, accessing, measuring and analyzing NetFlow • Models of detection and classification based on profiling and behavior 19 Network Traffic Analysis

  20. Design Components 20 Network Traffic Analysis

  21. Demonstration • Model Host Roles • Algorithms: – On ‐ line Support Vector Machine – Decision Tree • Ground Truth: – Host Information in Active Directory and vulnerability scanner Nessus database 21 Network Traffic Analysis

  22. Client vs Server Classification 22 Network Traffic Analysis

  23. Personal System vs Public System 23 Network Traffic Analysis

  24. Web Server vs Email Server 24 Network Traffic Analysis

  25. Classifying Two Different Colleges 25 Network Traffic Analysis

  26. Anonymizer Usage • Anonymity network usage via Pig scripting – 205 million packets – about 1.44TB data • Analyzed Anonymity Networks Network Servers Service Tor 61,798 General I2P 2,267 P2P JAP 11 General Remailers 15 Email Proxies 7,246 General Anomymizer,Gotrusted Commercial General

  27. Anonymity Network Geolocation

  28. Thanks

More recommend