Author Archives: Steve Uhlig

Looking for Hypergiants in PeeringDB

Timm Böttger, Felix Cuadrado, Steve Uhlig
Abstract

Hypergiants, such as Google or Netflix, are important organisations in the Internet ecosystem, due to their sheer impact in terms of traffic volume exchanged. However, the research community still lacks a sufficiently crisp definition for them, beyond naming specific instances of them. In this paper we analyse PeeringDB data and identify features that differentiate hypergiants from the other organisations. To this end, we first characterise the organisations present in PeeringDB, allowing us to identify discriminating properties of these organisations. We then use these properties to separate the data in two clusters, differentiating hypergiants from other organisations. We conclude this paper by investigating how hypergiants and other organisations exploit the IXP ecosystem to reach the global IPv4 space.


Practical Challenge-Response for DNS

Rami Al-Dalky, Michael Rabinovich, Mark Allman
Abstract

Authoritative DNS servers are susceptible to being leveraged in denial of service attacks in which the attacker sends DNS queries while masquerading as a victim—and hence causing the DNS server to send the responses to the victim. This reflection off innocent DNS servers hides the attacker’s identity and often allows the attackers to amplify their traffic by employing small requests to elicit large responses. Several challenge-response techniques have been proposed to establish a requester’s identity before sending a full answer. However, none of these are practical in that they do not work in the face of “resolver pools”—or groups of DNS resolvers that work in concert to look up records in the DNS. In these cases a challenge transmitted to some resolver R1 may be handled by a resolver R2, hence leaving an authoritative DNS server wondering whether R2 is in fact another resolver in the pool or a victim. We offer a practical challenge-response mechanism that uses challenge chains to establish identity in the face of resolver pools. We illustrate that the practical cost of our scheme in terms of added delay is small.


Mosaic5G: Agile and Flexible Service Platforms for 5G Research

Navid Nikaein, Chia-Yu Chang, Konstantinos Alexandris
Abstract

Network slicing is one of the key enablers to provide the required flexibility and to realize the service-oriented vision toward fifth generation (5G) mobile networks. In that sense, virtualization, softwarization, and disaggregation are core concepts to accommodate the requirements of an end-to-end (E2E) service to be either isolated, shared, or customized. They lay the foundation for a multi-service and multi-tenant architecture, and are realized by applying the principles of software-defined networking (SDN), network function virtualization (NFV), and cloud computing to the mobile networks. Research on these principles requires agile and flexible platforms that offer a wide range of real-world experimentations over different domains to open up innovations in 5G. To this end, we present Mosaic5G, a community-led consortium for sharing platforms, providing a number of software components, namely FlexRAN, LL-MEC, JOX and Store, spanning application, management, control and user plane on top of OpenAirInterface (OAI) platform. Finally, we show several use cases of Mosaic5G corresponding to widely-mentioned 5G research directions.


NDN Host Model

Haitao Zhang, Yanbiao Li, Zhiyi Zhang, Alexander Afanasyev, Lixia Zhang
Abstract

As a proposed Internet architecture, Named Data Networking (NDN) changes the network communication model from delivering packets to destinations identified by IP addresses to fetching data packets by names. This architectural change leads to changes of host functions and initial configurations. In this paper we present an overview of the host functions in an NDN network, together with necessary operations to configure an NDN host. We also compare and contrast the functionality and configuration between an NDN host and an IP host, to help readers see the differences in between clearly.


Workshop on Internet Economics (WIE2017) Final Report

KC Claffy, Geoff Huston, David Clark
Abstract

On December 13-14 2017, CAIDA hosted the 8th interdisciplinary Workshop on Internet Economics (WIE) at the UC San Diego’s Supercomputer Center. This workshop series provides a forum for researchers, Internet facilities and service providers, technologists, economists, theorists, policy makers, and other stakeholders to exchange views on current and emerging regulatory and policy debates. The FCC’s expected decision (released during the workshop, on 14 December 2017) — to repeal the 2015 classification of broadband Internet access service as a telecommunications (common carrier) service — set the stage for vigorous discussion on what type of data can inform debate, development, and empirical evaluation of public policies we will need for Internet services in the future.


Best CCR papers presented at SIGCOMM’18

Every year, the CCR Editorial board selects the two best papers that were published during the previous year (i.e. the July 2017, October 2017, January 2018 and April 2018 issues) for presentation during the SIGCOMM conference. During SIGCOMM’18, two CCR papers will be presented:

Both papers proposed a methodology, collected measurements and released artefacts to allow other researchers to build upon and extend the paper results. A recent study shows that a growing fraction of the papers published within our community contains artefacts (software, measurement datasets, …). CCR encourages the publication of such papers by allowing them to be longer than six pages.

The April 2018 Issue

This issue starts with two technical articles that provide artefacts. The first one, Scanning the Internet for Liveness, written by a team of eight researchers led by S. Bano, uses the ZMap software to probe the IPv4 addressing space for Internet hosts that respond to different types of probes. They propose different liveness probes that use ICMP, TCP and UDP. Their scans of the IPv4 Internet revealed that different protocols (or ports for TCP/UDP) provide different results as different types of hosts respond or not to different types of probes. Furthermore, collecting ICMP error messages for the TCP and UDP probes is important to increase the coverage. The authors release their modification to ZMap that includes the proposed probes and data collected during their measurement campaigns.

The second technical paper that provides artefacts is A First Look at Certification Authority Authorization (CAA), co-authored by eleven researchers led by Q. Scheitle. This is also a measurement paper that tries to understand how the Certification Authority Authorization (CAA) DNS record is actually used by Certification Authorities (CA), domain holders and DNS operators. This is a timely paper since RFC6844 mandates that CAs validate CAA records as of September 8, 2017. Their study reveals some anomalies for already-issued certificates and they provide some guidelines to improve the security impact of CAA. Their study continues and you can follow the updated results on https://caastudy.github.io. The authors release both the collected data and their analysis tools.

In our third technical paper, Towards Slack-Aware Networking, Fahad Dogar proposes a new architecture targeted at machine-to-machine communications where hosts could indicate some slack when transmitting packets to let the network optimise their delivery to reduce the consumption of network resources. This new idea still needs to be implemented and validated but it could open new directions of research.

In addition to the technical papers, this issue also contains three editorial notes. In VANETs’ research over the past decade: overview, credibility, and trends, E. Cavalcanti et al. provide a detailed survey of the research in Vehicular Ad hoc Networks (VANETs) during the last decade and analyse 283 papers according to different criteria. They release the collected data as paper artefacts. In Failures from the Environment, a Report on the First FAILSAFE workshop, M. Breza et al. summarise the FAILSAFE 2017 workshop held at the SenSys 2017 conference. Finally, I. Baldin et al. summarise in The Future of Distributed Network Research Infrastructure the lessons that they learned from the Global Environment for Network Innovations (GENI) infrastructure and provide several directions for future research projects.

I hope that you will enjoy reading this new issue and welcome comments and suggestions on CCR Online or by email at ccr-editor at sigcomm.org.

Olivier Bonaventure

CCR Editor

Scanning the Internet for Liveness

Shehar Bano, Philipp Richter, Mobin Javed, Srikanth Sundaresan, Zakir Durumeric, Steven J. Murdoch, Richard Mortier, Vern Paxson

Abstract

Internet-wide scanning depends on a notion of liveness: does a target IP address respond to a probe packet? However, the interpretation of such responses, or lack of them, is nuanced and depends on multiple factors, including: how we probed, how different protocols in the network stack interact, the presence of filtering policies near the target, and temporal churn in IP responsiveness. Although often neglected, these factors can significantly affect the results of active measurement studies. We develop a taxonomy of liveness which we employ to develop a method to perform concurrent IPv4 scans using ICMP, five TCP-based, and two UDP-based protocols, comprehensively capturing all responses to our probes, including negative and cross-layer responses. Leveraging our methodology, we present a systematic analysis of liveness and how it manifests in active scanning campaigns, yielding practical insights and methodological improvements for the design and the execution of active Internet measurement studies.

Download the full article DOI:10.1145/3213232.3213234

A First Look at Certification Authority Authorization (CAA)

Quirin Scheitle, Taejoong Chung, Jens Hiller, Oliver Gasser, Johannes Naab, Roland van Rijswijk-Deij, Oliver Hohlfeld, Ralph Holz, Dave Choffnes, Alan Mislove, Georg Carle

Abstract

Shaken by severe compromises, the Web’s Public Key Infrastructure has seen the addition of several security mechanisms over recent years. One such mechanism is the Certification Authority Authorization (CAA) DNS record, that gives domain name holders control over which Certification Authorities (CAs) may issue certificates for their domain. First defined in RFC 6844, adoption by the CA/B forum mandates that CAs validate CAA records as of September 8, 2017. The success of CAA hinges on the behavior of three actors: CAs, domain name holders, and DNS operators. We empirically study their behavior, and observe that CAs exhibit patchy adherence in issuance experiments, domain name holders configure CAA records in encouraging but error-prone ways, and only six of the 31 largest DNS operators enable customers to add CAA records. Furthermore, using historic CAA data, we uncover anomalies for already-issued certificates. We disseminated our results in the community. This has already led to specific improvements at several CAs and revocation of mis-issued certificates. Furthermore, in this work, we suggest ways to improve the security impact of CAA. To foster further improvements and to practice reproducible research, we share raw data and analysis tools.

Download the full article DOI:10.1145/3213232.3213235

Towards Slack-Aware Networking

Fahad R. Dogar

Abstract

We are moving towards an Internet where most of the packets may be consumed by machines — set-top-boxes or smart-phone apps prefetching content, Internet of Things (IoT) devices uploading their data to the cloud, or data centers doing geo-distributed replication. We observe that such machine centric communication can afford to have slack built into it: every packet can be marked as to when it will be consumed in future. Slack could be anywhere from seconds to hours or even days. In this paper, we make a case for slack-aware networking by illustrating slack opportunities that arise for a wide range of applications as they interact with the cloud and its pricing models (e.g., spot pricing). We also sketch the design of SlackStack, a network stack with explicit support for slack at multiple levels of the stack, from a slack-based interface to slack-aware optimizations at the transport and network layers.

Download the full article DOI:10.1145/3213232.3213236