Internet Background Radiation Seminar in Distributed Computing - - PowerPoint PPT Presentation

internet background radiation
SMART_READER_LITE
LIVE PREVIEW

Internet Background Radiation Seminar in Distributed Computing - - PowerPoint PPT Presentation

Sep 01, 2023 6 likes •287 views

Internet Background Radiation Seminar in Distributed Computing Jeremia Br Internet Background Radiation? Network packets to unassigned addresses. Useless Traffic Internet Background Radiation, 2 Jeremia Br, 2. April 2014 Why would I

slide-1
SLIDE 1

Internet Background Radiation

Seminar in Distributed Computing Jeremia Bär

slide-2
SLIDE 2

Internet Background Radiation?

Network packets to unassigned addresses. Useless Traffic

Internet Background Radiation, Jeremia Bär, 2. April 2014 2

slide-3
SLIDE 3

Why would I care?

Internet Growth: 50% / annum IBR Growth: 100% / annum

Internet Background Radiation, Jeremia Bär, 2. April 2014 3

slide-4
SLIDE 4

Radiation Sources

Computer Virus + Botnets Hacking / DDoS Hacking / DDoS Software Bugs + Misconfiguration

Internet Background Radiation, Jeremia Bär, 2. April 2014 4

slide-5
SLIDE 5

Why would I care?

Internet Growth: 50% / annum IBR Growth: 100% / annum

Internet Background Radiation, Jeremia Bär, 2. April 2014 5

slide-6
SLIDE 6

Analysis Techniques

  • Packet Analysis
  • Temporal Analysis
  • Spatial Analysis

Internet Background Radiation, Jeremia Bär, 2. April 2014 6

slide-7
SLIDE 7

Packet Analysis

– Headers Analysis – Payload Analysis

Temporal Analysis

allows – Application Identification – Application Popularity – Source OS allows

Analysis Techniques

Temporal Analysis

– Analysis of (src,dst) pairs – Cross-port analysis

Spatial Analysis

– Source Synchronization – Network Avoidance allows – Reveal Hidden Intention allows – Software Maturity –

Internet Background Radiation, Jeremia Bär, 2. April 2014 7

slide-8
SLIDE 8

Packet Analysis

Approach

  • Header Analysis
  • Payload Analysis

Internet Background Radiation, Jeremia Bär, 2. April 2014 8

Results

  • Application Identification
  • Application Popularity
  • Originating OS
slide-9
SLIDE 9

Temporal Analysis

Approach

  • Analyse (src, dst) pairs
  • Cross-port analysis

Internet Background Radiation, Jeremia Bär, 2. April 2014 9

Results

  • Identify Source Intention
slide-10
SLIDE 10

Spatial Analysis

Approach

  • Source Synchronization
  • Network Avoidance

Internet Background Radiation, Jeremia Bär, 2. April 2014 10

Results

  • Software Maturity
slide-11
SLIDE 11

Spatial Analysis

Focus due to Software Bug

Internet Background Radiation, Jeremia Bär, 2. April 2014 11

slide-12
SLIDE 12

Software Misconfiguration

Vendor bug in DSL Modem Traffic to 1.x.168.192 Focused Automated No Control Traffic to 35.206.63.212 Address Space Pollution No Control

Internet Background Radiation, Jeremia Bär, 2. April 2014 12

slide-13
SLIDE 13

Summary

  • Existance & Importance
  • Packet, Temporal and Spatial Analysis

– Classification & Filtering – Study of Malware

Address Space Pollution

  • Address Space Pollution
  • Measurement of IBR
  • Real-world Applications

Up Next

Internet Background Radiation, Jeremia Bär, 2. April 2014 13

slide-14
SLIDE 14

Measuring IBR

Internet Background Radiation, Jeremia Bär, 2. April 2014 14

slide-15
SLIDE 15

Measuring IBR

Darknets Black Holes

Internet Background Radiation, Jeremia Bär, 2. April 2014 15

slide-16
SLIDE 16

Active Responder Complexity

Internet Background Radiation, Jeremia Bär, 2. April 2014 16

slide-17
SLIDE 17

Real-world Applications

Christchurch, NZ. 22.Feb. 2011 Magnitude: 6.1 Tohoku, JP. 11. Mar. 2011 Magnitude: 9.0

Internet Background Radiation, Jeremia Bär, 2. April 2014 17

slide-18
SLIDE 18

Infrastructure Impact

Internet Background Radiation, Jeremia Bär, 2. April 2014 18

slide-19
SLIDE 19

Infrastructure Impact

Tohoku

Internet Background Radiation, Jeremia Bär, 2. April 2014 19

slide-20
SLIDE 20

Infrastructure Impact

Christchurch

Internet Background Radiation, Jeremia Bär, 2. April 2014 20

slide-21
SLIDE 21

Infrastructure Impact

Property Christchurch, NZ Tohoku, JP Magnitude 6.1 9.0 Magnitude 6.1 9.0 20km 304km 2 (6km) 3.59 (137km)

Internet Background Radiation, Jeremia Bär, 2. April 2014 21

slide-22
SLIDE 22

Long-term Impact

Tohoku

Internet Background Radiation, Jeremia Bär, 2. April 2014 22

slide-23
SLIDE 23

Long-term Impact

Christchurch

Internet Background Radiation, Jeremia Bär, 2. April 2014 23

slide-24
SLIDE 24

Reliability

Tohoku

Internet Background Radiation, Jeremia Bär, 2. April 2014 24

slide-25
SLIDE 25

Big Scope & Recovery

Internet Background Radiation, Jeremia Bär, 2. April 2014 25

slide-26
SLIDE 26

Reliability

  • Law enforcement
  • ISP filtering
  • Software Patches
  • System Damage
  • Accuracy of Geolocation

– Mobile Devices

Internet Background Radiation, Jeremia Bär, 2. April 2014 26

slide-27
SLIDE 27

Summary

  • Existance & Analysis

– Packets, Temporal, Spatial

  • Measurement

Darknets, Active Responders – Darknets, Active Responders

  • Tech Applications

– Classification, Malware, Address Space Pollution

  • Geographic Colocation

– Communication Infrastructure Metric

Internet Background Radiation, Jeremia Bär, 2. April 2014 27

slide-28
SLIDE 28

Thank You

  • Characteristics of Internet Background Radiation.

Pang et al. In SIGCOMM 2004

  • Internet Background Radiation Revisited.

Wustrow et al. In SIGCOMM 2010.

  • Extracting Benefit from Harm: Using Malware Pollution to Analyze the

Impact of Political and Geophysical Events on the Internet. Dainotti et al. In SIGCOMM 2012.

Internet Background Radiation, Jeremia Bär, 2. April 2014 28