a traffic study to interleaved dark space
play

A Traffic Study to Interleaved Dark Space Markus De Shon (mdeshon) - PowerPoint PPT Presentation

Apr 06, 2024 •266 likes •463 views

A Traffic Study to Interleaved Dark Space Markus De Shon (mdeshon) Agenda Methodology Results Discussion on Data Sharing Methodology Methodology Flow collection at Google Sampled sFlow and Netflow v{5,9} collected at network devices

  1. A Traffic Study to Interleaved Dark Space Markus De Shon (mdeshon)

  2. Agenda Methodology Results Discussion on Data Sharing

  3. Methodology Methodology

  4. Flow collection at Google ● Sampled sFlow and Netflow v{5,9} collected at network devices ● Written as annotated flow records to Google log infrastructure ● Google tools available for analysis ○ Mapreduce for batch processing ○ Near-real-time processing pipeline ○ Time series anomaly detection pipeline, with event classification and alerting

  5. Darkspace at Google ● Some IP spaces allocated but unused (likely temporary) ● Most allocated IP space well-populated ● Some netblocks unused within larger populated blocks ● Allocated IP space identified from public IPs listed in internal network allocation database ○ Use inbound flow data instead? (messy) ● Unused space identified empirically, no outbound flows from a /24 in the last X days → Must keep dynamically updated list of unused IP spaces. When traffic is observed from a /24, remove from list. Batch runs over X days to identify new unused spaces.

  6. Entropy timeseries Calculate (packet count-weighted) information entropy by ● sIP ● sPort ● dIP ● dPort cf. Zseby FloCon 2012 ● Also calculated Bpp, not that useful so far... Scalable counting by unique keys in first Mapreduce Entropy sums in second Mapreduce All darkspace traffic aggregated, single timeseries per entropy

  7. Results Results

  8. Timeseries of full time span

  9. backscatter 2012-04-06 12:00

  10. 2012-04-12 04:00

  11. 2012-04-22 22:00

  12. 2012-04-23 15:00

  13. scan 2012-04-25 12:00

  14. Future work ● Maintain a constantly updated map of active/dark network addresses ○ Darkspace telescope ○ Scan detection ● Integration of darkspace into near-real-time flow processing pipeline ● Study our IPv6 darkspace? ○ Huston NANOG 50 paper shows almost entirely misconfigured traffic, 100s of kbps across a /12 ○ Will IPv6 darkspace be interesting?

  15. Discussion on Data Sharing Data sharing discussion

  16. Needs for data sharing No user data (requirement) ● Perfect identification/maintenance of dark IP space Don't leak IP usage info (requirement) ● Nonreversible (?) map of dark IPs to reported IPs, OR ● No destination IPs reported

  17. Needs for data sharing (2) External source IP anonymization? ● Some kind of privacy-preserving query mechanisms... IANACrypto, but some system with features: ○ Alice delivers f(A), Bob delivers g(B) ○ Eve can perform Test(A==B) that does not reveal A or B, but permits aggregation across data sources to calculate total entropies ● Trusted sharing (e.g. SIE ISC) ● Other privacy-preserving designs (e.g. DEMONS) Maximize aggregation (desirable) ● Share aggregate counts with one-way keys ● Perform entropy calculations in the sharing environment

  18. Thank you! Questions and Answers

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

7 TIPS FOR DARK SPACE RODENT CONTROL DARK SPACE RODENT CONTROL Harnessing knowledge, deep AI

7 TIPS FOR DARK SPACE RODENT CONTROL DARK SPACE RODENT CONTROL Harnessing knowledge, deep AI

7 TIPS FOR DARK SPACE RODENT CONTROL DARK SPACE RODENT CONTROL Harnessing knowledge, deep AI learning and digital advancements to increase rodent control business, customer satisfaction 2 DARK SPACE RODENT CONTROL CH CHANGING WEATHER

967 views • 37 slides
PAMELA science PAMELA AMELA PAMELA is a Space Observatory @ 1AU Search for dark matter

PAMELA science PAMELA AMELA PAMELA is a Space Observatory @ 1AU Search for dark matter

PAMELA science PAMELA AMELA PAMELA is a Space Observatory @ 1AU Search for dark matter Search for primordial antimatter but also: Study of cosmic-ray origin and propagation Study of solar physics and solar modulation

814 views • 39 slides
Dark Matter, Dark Energy, and Dark Gravity Alan Heavens Imperial College London ! Friends of

Dark Matter, Dark Energy, and Dark Gravity Alan Heavens Imperial College London ! Friends of

Dark Matter, Dark Energy, and Dark Gravity Alan Heavens Imperial College London ! Friends of Imperial College 28 January 2014 Space Space is big. You just won't believe how vastly, hugely, mind- bogglingly big it is. I mean, you may

637 views • 40 slides
NOW Handout Page 1 9 Parallel Architecture Framework Scalable Machines What are the design

NOW Handout Page 1 9 Parallel Architecture Framework Scalable Machines What are the design

Natural Extensions of Memory System P P 1 n Scale Switch (Interleaved) First-level $ P P 1 n Distributed Memory Multiprocessors $ $ (Interleaved) Main memory Interconnection network CS 252, Spring 2005 Mem Mem Shared Cache

348 views • 9 slides
BLINC: Multilevel Traffic Classification in the Dark Thomas Karagiannis, UC Riverside

BLINC: Multilevel Traffic Classification in the Dark Thomas Karagiannis, UC Riverside

BLINC: Multilevel Traffic Classification in the Dark Thomas Karagiannis, UC Riverside Konstantina Papagiannaki, Intel Research Cambridge Michalis Faloutsos, UC Riverside The problem of workload characterization The goal: Classify Internet

649 views • 29 slides
Dark matter ManojKaplinghat under our UniversityofCalifornia,Irvine feet and in

Dark matter ManojKaplinghat under our UniversityofCalifornia,Irvine feet and in

Dark matter ManojKaplinghat under our UniversityofCalifornia,Irvine feet and in the sky Searching for Dark Matter Particles on Earth and in Space photo by Art Rosch Tuesday, June 26, 2012 dark matter searches are

575 views • 38 slides
TRAFFIC AND PARKING STUDIES 1 PARROTT DRIVE SHELTON, CT JUNE 4, 2020 TRAFFIC STUDY Review

TRAFFIC AND PARKING STUDIES 1 PARROTT DRIVE SHELTON, CT JUNE 4, 2020 TRAFFIC STUDY Review

TRAFFIC AND PARKING STUDIES 1 PARROTT DRIVE SHELTON, CT JUNE 4, 2020 TRAFFIC STUDY Review existing conditions Estimate future conditions Determine traffic impact Recommendations SITE LOCATION AND STUDY INTERSECTIONS FUTURE SITE

119 views • 10 slides
Study on Chameleonic Dark Matter in F(R) Gravity Taishi Katsuragawa (CCNU) Reference Dark

Study on Chameleonic Dark Matter in F(R) Gravity Taishi Katsuragawa (CCNU) Reference Dark

February 13, 2018 @ YITP , Kyoto Univ. Gravity and Cosmology 2018 Study on Chameleonic Dark Matter in F(R) Gravity Taishi Katsuragawa (CCNU) Reference Dark matter in modified gravity? Phys . Rev. D95 044040 (2017) Cosmic History of

478 views • 15 slides
South Bethany Traffic Calming/Pedestrian Safety Study Town of South Bethany Traffic Committee

South Bethany Traffic Calming/Pedestrian Safety Study Town of South Bethany Traffic Committee

South Bethany Traffic Calming/Pedestrian Safety Study Town of South Bethany Traffic Committee John Janowski Mike Trentadue Dave Wilson Study Route Analysis of implemented measures Speed by date 25 Radar signs Post radar sign installation

285 views • 26 slides
Drunk Driving & Traffic Casualties Case Study: India By Dr. Rohit Baluja President, IRTE

Drunk Driving & Traffic Casualties Case Study: India By Dr. Rohit Baluja President, IRTE

Drunk Driving & Traffic Casualties Case Study: India By Dr. Rohit Baluja President, IRTE & Director, College of Traffic Management ------- Geneva 23 September 2013 ------- Road Safety: Definition Traffic Legislation Traffic And Road

544 views • 43 slides
ITU-T Activities on Traffic Engineering of IP VPNs Wai Sum Lai AT&T Labs WP3/2 (Traffic

ITU-T Activities on Traffic Engineering of IP VPNs Wai Sum Lai AT&T Labs WP3/2 (Traffic

ITU-T Activities on Traffic Engineering of IP VPNs Wai Sum Lai AT&T Labs WP3/2 (Traffic Engineering) E.ipvpn ITU-T Study Group 2, Working Party 3 (Traffic Engineering) http://www.itu.int/ITU-T/com2/index.html 3 Questions (in

631 views • 5 slides
USING MOLECULAR GAS PROPERTIES TO STUDY AGN Anne Klitsch DARK, Niels Bohr Institute, University

USING MOLECULAR GAS PROPERTIES TO STUDY AGN Anne Klitsch DARK, Niels Bohr Institute, University

USING MOLECULAR GAS PROPERTIES TO STUDY AGN Anne Klitsch DARK, Niels Bohr Institute, University of Copenhagen Cline Proux (ESO), Martin Zwaan (ESO), Ian Smail (CEA), Mark Swinbank (CEA), Rob Ivison (ESO) Marianne Vestergaard (DARK), Sandra

293 views • 25 slides
Toll Rate Study For August 20, 2015 Board Meeting Toll Rate Study Updated Traffic and

Toll Rate Study For August 20, 2015 Board Meeting Toll Rate Study Updated Traffic and

Toll Rate Study For August 20, 2015 Board Meeting Toll Rate Study Updated Traffic and Earnings Report (Update Letter) Update of previous 2010 forecast Review historical traffic and revenue trends through FY 2014 Adjust

545 views • 40 slides
1 PARROTT DRIVE SHELTON, CT JUNE 4, 2020 TRAFFIC STUDY Review existing conditions

1 PARROTT DRIVE SHELTON, CT JUNE 4, 2020 TRAFFIC STUDY Review existing conditions

TRAFFIC AND PARKING STUDIES 1 PARROTT DRIVE SHELTON, CT JUNE 4, 2020 TRAFFIC STUDY Review existing conditions Estimate future conditions Determine traffic impact Recommendations SITE LOCATION AND STUDY INTERSECTIONS FUTURE SITE

95 views • 9 slides
The Dust Between the Stars adventures with a small telescope (with notes on a big dark space)

The Dust Between the Stars adventures with a small telescope (with notes on a big dark space)

The Dust Between the Stars adventures with a small telescope (with notes on a big dark space) John McHugh Senior Principal 15 May 2012 RedJack LLC This is not a new problem Last night I saw upon the stair A little man who wasnt there He

711 views • 28 slides
Ponte Vista Traffic Study N O R T H W E S T S A N P E D R O N E I G H B O R H O O D CO U N CI

Ponte Vista Traffic Study N O R T H W E S T S A N P E D R O N E I G H B O R H O O D CO U N CI

Ponte Vista Traffic Study N O R T H W E S T S A N P E D R O N E I G H B O R H O O D CO U N CI L D E C E M B E R 10 , 2 0 12 Presented by Introduction Linscott, Law, & Greenspan, Engineers (LLG) Transportation Planning and

829 views • 56 slides
1.4 Recreation, Part 1 Standards for Accessible Playgrounds 26 th Annual Mid-Atlantic ADA Update

1.4 Recreation, Part 1 Standards for Accessible Playgrounds 26 th Annual Mid-Atlantic ADA Update

1.4 Recreation, Part 1 Standards for Accessible Playgrounds 26 th Annual Mid-Atlantic ADA Update 1 1 The United States Access Board is an independent federal agency that promotes equality for people with disabilities through leadership in

695 views • 40 slides
ViAMoD Visual Spatiotemporal Pattern Analysis of Movement and Event Data Prof. Dr. Stefan Wrobel

ViAMoD Visual Spatiotemporal Pattern Analysis of Movement and Event Data Prof. Dr. Stefan Wrobel

ViAMoD Visual Spatiotemporal Pattern Analysis of Movement and Event Data Prof. Dr. Stefan Wrobel Dr. Natalia Andrienko Prof. Dr. Daniel Keim Dr. Gennady Andrienko Dr. Peter Bak NN Slava Kiselevich http://visual-analytics.info

455 views • 26 slides
Ac Access Control Sy Synthesis fo for Physical Spaces Petar Tsankov, Mohammad Torabi Dashti,

Ac Access Control Sy Synthesis fo for Physical Spaces Petar Tsankov, Mohammad Torabi Dashti,

Ac Access Control Sy Synthesis fo for Physical Spaces Petar Tsankov, Mohammad Torabi Dashti, David Basin Institute of Information Security, ETH Zurich Airports Corporate buildings Sport centers Setting Locks Office Meeting room Lobby

713 views • 45 slides
Hot Topics in Hot Topics in Sports Medicine 2015 Sports Medicine 2015 Sports concussion

Hot Topics in Hot Topics in Sports Medicine 2015 Sports Medicine 2015 Sports concussion

6/23/2015 Hot Topics in Hot Topics in Sports Medicine 2015 Sports Medicine 2015 Sports concussion Diagnosis Treatment Knee pain due to osteoarthritis + meniscus tear Exam Treatment evidence Carlin Senter M.D. Rotator

569 views • 16 slides
Machine Learning - Intro Aarti Singh Machine Learning 10-701/15-781 Sept 8, 2010 You tell me

Machine Learning - Intro Aarti Singh Machine Learning 10-701/15-781 Sept 8, 2010 You tell me

Machine Learning - Intro Aarti Singh Machine Learning 10-701/15-781 Sept 8, 2010 You tell me This class is going to be interactive! What is Machine Learning? 2 What is Machine Learning? 3 What is Machine Learning? Study of

850 views • 52 slides
Retrieval Models: Outline CS490W: Web I nformation Search & Management Retrieval Models

Retrieval Models: Outline CS490W: Web I nformation Search & Management Retrieval Models

Retrieval Models: Outline CS490W: Web I nformation Search & Management Retrieval Models CS-490W Exact-match retrieval method Web Information Search & Management Unranked Boolean retrieval method Ranked Boolean retrieval

367 views • 9 slides
Augmented Reality: Fusing the Real and Synthetic Worlds Mauro Dalla Mura, Michele Zanin,

Augmented Reality: Fusing the Real and Synthetic Worlds Mauro Dalla Mura, Michele Zanin,

Augmented Reality: Fusing the Real and Synthetic Worlds Mauro Dalla Mura, Michele Zanin, Claudio Andreatta, Paul Chippendale, Fondazione Bruno Kessler, Trento, Italy Morphological and Attribute Profiles Spectral/spatial analysis What is

539 views • 33 slides
Future Space The team that helps you connect with your future: Careers Skills audit, CV

Future Space The team that helps you connect with your future: Careers Skills audit, CV

Future Space The team that helps you connect with your future: Careers Skills audit, CV checking, application advice Student Enterprise Loughborough Enterprise Network Work Experience Digital Skills, Collaborative

1.28k views • 28 slides

More recommend