prefix top lists gaining insights with prefixes from
play

Prefix Top Lists: Gaining Insights with Prefixes from Domain-based - PowerPoint PPT Presentation

Apr 06, 2024 •30 likes •250 views

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Prefix Top Lists: Gaining Insights with Prefixes from Domain-based Top Lists on DNS Deployment Johannes Naab, Patrick Sattler, Jonas Jelten,

  1. Chair of Network Architectures and Services Department of Informatics Technical University of Munich Prefix Top Lists: Gaining Insights with Prefixes from Domain-based Top Lists on DNS Deployment Johannes Naab, Patrick Sattler, Jonas Jelten, Oliver Gasser, Georg Carle <lastname>@net.in.tum.de Tuesday 22 nd October, 2019 ACM Internet Measurement Conference 2019, Amsterdam, Netherlands Chair of Network Architectures and Services Department of Informatics Technical University of Munich

  2. Problem Statement • Existing domain based top lists (e.g. Alexa, Majestic, Umbrella) proved to be of high value for research • So far work on improving top lists mainly focused on providing more stable domain top lists • Evaluations focus on domain based top lists, but not referenced Internet resources Our Goals: • Provide method to generate new top list types: rank prefixes and ASes as important Internet resources • by assigning weights on the domain based top list elements • using a comprehensive name resolution process • Provide a metric to investigate changes in Prefix and AS top lists • Show usefulness of new top lists when analyzing DNS resilience Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 2

  3. Outline Problem Statement Methodology Prefix Top List Instantiation Prefix Top List Comparison Metric DNS Resilience Conclusion Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 3

  4. Methodology Domain Top Lists Name Resolution Ranking and Weighting IP Addresses Weighted Domains Routing Information Prefix and AS lists Merge and Aggregate Prefix and AS Top Lists Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 4

  5. Prefix Top List Instantiation Domain Top Lists Domain Top Lists • Alexa, Majestic, Umbrella Name Resolution Ranking and Weighting Ranking and Weighting • Zipfian distribution to approximate popularity weights IP Addresses 1 / k w = , k = rank , N = number of elements � N n =1 1 / n Weighted Domains Routing Information • smoothing of fluctuations: 7-day aggregate Rank Domain Weight Top Rank Bottom Rank Prefix and AS lists 1 google.com 0.0703 1 1 2 youtube.com 0.0351 2 2 3 tmall.com 0.0226 3 4 Merge and Aggregate 4 baidu.com 0.0184 3 4 5 qq.com 0.0134 5 6 6 sohu.com 0.0120 5 8 7 facebook.com 0.0099 7 8 Prefix and AS Top Lists Top Domains for August 1, 2019 with 7-day rolling window, Alexa List Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 5

  6. Prefix Top List Instantiation Domain Top Lists Name Resolution Name Resolution • our instantiation: local vantage point Ranking and Weighting • query A and AAAA records • against all authoritative name servers IP Addresses Routing Information Weighted Domains Routing Information • our instantiation: local BGP view • map resolved addresses to prefix and origin AS Prefix and AS lists Merge and Aggregate • calculate prefix weight from domain weights Merge and Aggregate • if DNS resolution returns multiple IP addresses: split • preserve invariant: sum(w) = 1 Prefix and AS Top Lists Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 5

  7. Prefix Top List Rank Prefix Weight 1 172.217.18.0/24 0.0178 2 172.217.16.0/24 0.0175 3 172.217.22.0/24 0.0173 4 216.58.206.0/23 0.0165 5 172.217.23.0/24 0.0164 6 140.205.64.0/18 0.0160 7 216.58.208.0/24 0.0154 8 111.160.0.0/13 0.0134 9 140.205.128.0/18 0.0116 10 216.58.204.0/23 0.0098 11 172.217.21.0/24 0.0097 12 39.156.0.0/17 0.0096 13 216.58.210.0/24 0.0094 14 220.181.32.0/19 0.0092 15 91.198.174.0/24 0.0073 16 151.101.0.0/22 0.0063 17 151.101.64.0/22 0.0062 18 151.101.192.0/22 0.0062 19 151.101.128.0/22 0.0061 20 99.84.88.0/21 0.0057 BGP Prefix Ranking for August 1, 2019 based on Alexa List. Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 6

  8. Prefix Top List Rank Prefix Weight # Domains # IP addr. 1 172.217.18.0/24, AS15169 – GOOGLE 0.0178 1039 35 2 172.217.16.0/24, AS15169 – GOOGLE 0.0175 1000 33 3 172.217.22.0/24, AS15169 – GOOGLE 0.0173 1041 42 4 216.58.206.0/23, AS15169 – GOOGLE 0.0165 973 35 5 172.217.23.0/24, AS15169 – GOOGLE 0.0164 775 23 6 140.205.64.0/18, AS37963 – CNNIC-ALIBABA 0.0160 6 4 7 216.58.208.0/24, AS15169 – GOOGLE 0.0154 443 14 8 111.160.0.0/13, AS4837 – CHINA169-BACKBONE 0.0134 3 4 9 140.205.128.0/18, AS37963 – CNNIC-ALIBABA 0.0116 12 12 10 216.58.204.0/23, AS15169 – GOOGLE 0.0098 547 15 11 172.217.21.0/24, AS15169 – GOOGLE 0.0097 697 22 12 39.156.0.0/17, AS9808 – CMNET-GD 0.0096 7 3 13 216.58.210.0/24, AS15169 – GOOGLE 0.0094 403 12 14 220.181.32.0/19, AS23724 – CHINANET-IDC-BJ-AP 0.0092 9 5 15 91.198.174.0/24, AS14907 – WIKIMEDIA 0.0073 12 1 16 151.101.0.0/22, AS54113 – FASTLY 0.0063 4566 192 17 151.101.64.0/22, AS54113 – FASTLY 0.0062 4475 183 18 151.101.192.0/22, AS54113 – FASTLY 0.0062 2157 187 19 151.101.128.0/22, AS54113 – FASTLY 0.0061 2136 182 20 99.84.88.0/21, AS16509 – AMAZON-02 0.0057 11 988 168 BGP Prefix Ranking for August 1, 2019 based on Alexa List. Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 6

  9. AS Popularity Rank and Weight Rank AS Rank Prefix Object Weight # Domains # IP addr. 1 172.217.18.0/24 0.0178 1039 35 2 172.217.16.0/24 0.0175 1000 33 . . . IPv4 Object Ranking for August 1, 2019 based on Alexa List. Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 7

  10. AS Popularity Rank and Weight Rank AS Rank Prefix Object Weight # Domains # IP addr. 1 AS15169 – GOOGLE 0.1454 103 264 15 278 1 172.217.18.0/24 0.0178 1039 35 2 172.217.16.0/24 0.0175 1000 33 . . . IPv4 Object Ranking for August 1, 2019 based on Alexa List. Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 7

  11. AS Popularity Rank and Weight Rank AS Rank Prefix Object Weight # Domains # IP addr. 1 AS15169 – GOOGLE 0.1454 103 264 15 278 1 172.217.18.0/24 0.0178 1039 35 2 172.217.16.0/24 0.0175 1000 33 . . . 2 AS13335 – CLOUDFLARE 0.1049 310 574 91 869 28 23.227.38.0/23 0.0045 42 809 13 3 AS16509 – AMAZON-02 0.0651 88 373 70 888 20 99.84.88.0/21 0.0057 11 988 168 4 AS37963 – CNNIC-ALIBABA 0.0478 7266 6733 6 140.205.64.0/18 0.0160 6 4 5 AS54113 – FASTLY 0.0284 16 752 887 16 151.101.0.0/22 0.0063 4566 192 . . . 14 AS20940 – AKAMAI-ASN1 0.0106 3201 2807 80 23.38.48.0/20 0.0016 203 104 15 AS32934 – FACEBOOK 0.0102 48 38 24 157.240.20.0/24 0.0051 36 5 16 AS26496 – GO-DADDY 0.0082 116 590 24 431 112 184.168.128.0/22 0.0011 11 538 2 17 AS14907 – WIKIMEDIA 0.0073 26 4 15 91.198.174.0/24 0.0073 12 1 IPv4 Object Ranking for August 1, 2019 based on Alexa List. Full data on https://prefixtoplists.net.in.tum.de/. Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 7

  12. Prefix Top List Comparison Metric Different lists can be compared by the sum of the weight differences. Example: tum.de • 2019-07-31: rank = 12 556, w = 5.32 × 10 −6 • 2019-08-01: rank = 13 593, w = 4.92 × 10 −6 • ∆ = 0.40 × 10 −6 Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 8

  13. Prefix Top List Comparison Metric Different lists can be compared by the sum of the weight differences. Example: tum.de • 2019-07-31: rank = 12 556, w = 5.32 × 10 −6 • 2019-08-01: rank = 13 593, w = 4.92 × 10 −6 • ∆ = 0.40 × 10 −6 Difference between two lists: change = � i ∈ elements abs ( ∆ i ) Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 8

  14. Stability of Ranking 0.10 PTL (IPv4) based on Alexa PTL (IPv6) based on Alexa 0.08 Alexa domain top list Daily Zipf weight change 0.06 0.04 0.02 0.00 1 1 1 1 1 1 0 0 0 0 0 0 - - - - - - 4 5 6 7 8 9 0 0 0 0 0 0 - - - - - - 9 9 9 9 9 9 1 1 1 1 1 1 0 0 0 0 0 0 2 2 2 2 2 2 Daily weight changes for Alexa Domain and Prefix Top List (PTL) with 7 day aggregate. Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 9

  15. Stability of Ranking Cumulative Zipf weight of new prefixes per day 0.10 PTL (IPv4) based on Alexa PTL (IPv4) based on Alexa 1.05 PTL (IPv6) based on Alexa PTL (IPv6) based on Alexa 0.08 Alexa domain top list Daily Zipf weight change 1.04 0.06 1.03 1.02 0.04 1.01 0.02 1.00 0.00 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 - - - - - - - - - - - - 4 5 6 7 8 9 4 5 6 7 8 9 0 0 0 0 0 0 0 0 0 0 0 0 - - - - - - - - - - - - 9 9 9 9 9 9 9 9 9 9 9 9 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 2 2 2 2 2 2 2 2 2 2 2 2 Daily weight changes for Alexa Domain and Prefix Top List (PTL) with 7 day Cumulative weight of new prefixes. The jump on June 27, 2019 is caused by new aggregate. prefixes for Wikipedia . Naab, Sattler, Jelten, Gasser, Carle — Prefix Top Lists 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Gaining Insights, Gaining Access WHAT WE LEARNED FROM SENIOR FARMERS WITHOUT SUCCESSORS NOVEMBER

Gaining Insights, Gaining Access WHAT WE LEARNED FROM SENIOR FARMERS WITHOUT SUCCESSORS NOVEMBER

Gaining Insights, Gaining Access WHAT WE LEARNED FROM SENIOR FARMERS WITHOUT SUCCESSORS NOVEMBER 24, 2015 Gaining Insights Research Project A seven-state (New York and New England) project done in collaboration with and a 10-member Advisory

389 views • 25 slides
Spelling, Punctuation and Grammar Prefixes super- anti- auto- Year One SPaG | Prefixes super-

Spelling, Punctuation and Grammar Prefixes super- anti- auto- Year One SPaG | Prefixes super-

Spelling, Punctuation and Grammar Prefixes super- anti- auto- Year One SPaG | Prefixes super- anti- auto- Aim I can add the prefixes super-, anti- and auto- to words to create new words. Success Criteria I can explain what a prefix is.

815 views • 12 slides
Measuting IPv6 Network Quality 1 dual-stack node discovery Table 1: IPv6 prefixes extracted

Measuting IPv6 Network Quality 1 dual-stack node discovery Table 1: IPv6 prefixes extracted

Measuting IPv6 Network Quality 1 dual-stack node discovery Table 1: IPv6 prefixes extracted prefix prefix use 2004/06 2004/08 2005/01 2001::/16 Aggregatable Global Unicast 6,585 6,665 4,394 3ffe::/16 6bone 1,762 1,459 291

401 views • 6 slides
Border Gateway Protocol (BGP) Structure of the Internet Networks (ISPs, CDNs, etc.) group with

Border Gateway Protocol (BGP) Structure of the Internet Networks (ISPs, CDNs, etc.) group with

Border Gateway Protocol (BGP) Structure of the Internet Networks (ISPs, CDNs, etc.) group with IP prefixes Networks are richly interconnected, often using IXPs Prefix B1 Prefix D1 Prefix C1 ISP B CDN D IXP CDN C IXP Prefix E1

669 views • 27 slides
Border Gateway Protocol (BGP) Structure of the Internet Networks (ISPs, CDNs, etc.) group with

Border Gateway Protocol (BGP) Structure of the Internet Networks (ISPs, CDNs, etc.) group with

Border Gateway Protocol (BGP) Structure of the Internet Networks (ISPs, CDNs, etc.) group with IP prefixes Networks are richly interconnected, often using IXPs Prefix B1 Prefix D1 Prefix C1 ISP B CDN D IXP CDN C IXP Prefix E1

641 views • 33 slides
Gaining Insights into Multicore Cache Partitioning: Bridging the Gap between Simulation and Real

Gaining Insights into Multicore Cache Partitioning: Bridging the Gap between Simulation and Real

Gaining Insights into Multicore Cache Partitioning: Bridging the Gap between Simulation and Real Systems 1 Presented by Hadeel Alabandi 2/18/2014 Introduction and Motivation 2 A serious issue to the effective utilization of multicore

328 views • 22 slides
Gaining new insights European Social Survey into societal MEASURING PUBLIC challenges by

Gaining new insights European Social Survey into societal MEASURING PUBLIC challenges by

Gaining new insights European Social Survey into societal MEASURING PUBLIC challenges by ATTITUDES, combining social INFORMING PUBLIC survey and POLICY environmental data Dr Sarah Butt, ESS ERIC Deputy Director City, University of London

462 views • 18 slides
Class 2: Displacement and velocity Metric system Units can be modified by a prefix. Common

Class 2: Displacement and velocity Metric system Units can be modified by a prefix. Common

Class 2: Displacement and velocity Metric system Units can be modified by a prefix. Common prefixes: e.g. millimeter = 10 -3 m m (milli) = 10 -3 e.g. microgram = 10 -6 g (micro) = 10 -6 e.g. nanometer = 10 -9 m n (nano) = 10 -9 e.g.

403 views • 9 slides
A PPENDIX VII Recommended Unit Symbols, SI Prefixes, and Abbreviations A. Recommended Unit

A PPENDIX VII Recommended Unit Symbols, SI Prefixes, and Abbreviations A. Recommended Unit

A PPENDIX VII Recommended Unit Symbols, SI Prefixes, and Abbreviations A. Recommended Unit Symbols T ABLE I SI P REFIXES The following standards provide the recommended abbreviations, Multiple Prefix Symbol symbols, and units for IEEE

141 views • 3 slides
Word Formation: Prefixes &amp; Suffixes ENGLISH FOR COMPUTER SCIENCE EXTRA NOTES #3 EHSAN

Word Formation: Prefixes &amp; Suffixes ENGLISH FOR COMPUTER SCIENCE EXTRA NOTES #3 EHSAN

Word Formation: Prefixes &amp; Suffixes ENGLISH FOR COMPUTER SCIENCE EXTRA NOTES #3 EHSAN AKHGARI OCTOBER 2007 Introduction 2 Word formation in English: prefix stem suffix Examples: programmer: program + er (someone who

628 views • 16 slides
This week, we are going to look again at another prefix. What is a prefix? Click on the right

This week, we are going to look again at another prefix. What is a prefix? Click on the right

This week, we are going to look again at another prefix. What is a prefix? Click on the right answer. A prefix is a word or A prefix is a group group of words that A prefix is a group of letters that goes comes at the start of of letters

462 views • 21 slides
Auto-Detecting Hijacked Prefixes? Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam Geoff Huston

Auto-Detecting Hijacked Prefixes? Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam Geoff Huston

Auto-Detecting Hijacked Prefixes? Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam Geoff Huston 1 Address hijacking unauthorized use of an address prefix as an advertised route object on the Internet Not a bogon address block has

309 views • 18 slides
This week, we are going to look at another prefix. What is a prefix? Choose the right answer. A

This week, we are going to look at another prefix. What is a prefix? Choose the right answer. A

This week, we are going to look at another prefix. What is a prefix? Choose the right answer. A prefix is a word or A prefix is a group group of words that A prefix is a group of letters that goes comes at the start of of letters that goes

317 views • 21 slides
Parallel prefix adders Kostas Vitoroulis, 2006. Presented to Dr. A. J. Al-Khalili. Concordia

Parallel prefix adders Kostas Vitoroulis, 2006. Presented to Dr. A. J. Al-Khalili. Concordia

Parallel prefix adders Kostas Vitoroulis, 2006. Presented to Dr. A. J. Al-Khalili. Concordia University. Overview of presentation Parallel prefix operations Binary addition as a parallel prefix operation Prefix graphs Adder

764 views • 35 slides
IP Prefix Advertisement in EVPN draft-rabadan-l2vpn-evpn-prefix-advertisement-01 Jorge Rabadan

IP Prefix Advertisement in EVPN draft-rabadan-l2vpn-evpn-prefix-advertisement-01 Jorge Rabadan

IP Prefix Advertisement in EVPN draft-rabadan-l2vpn-evpn-prefix-advertisement-01 Jorge Rabadan Wim Hendericks Florin Balus Senad Palislamovic Aldrin Isaac IETF 88, November 2013 Vancouver, Canada The prefix-advertisement route (route-type

244 views • 8 slides
What APT does Assumption PI (or equivalent) prefixes of edge sites are not routed globally

What APT does Assumption PI (or equivalent) prefixes of edge sites are not routed globally

What APT does Assumption PI (or equivalent) prefixes of edge sites are not routed globally APT: A Practical Transit Mapping Packets are tunneled from ITRs to ETRs APT Service Provide PI prefixes to ETRs mapping Adapt to

462 views • 9 slides
Understanding the Domain Registration Behavior of Spammers Shuang Hao, Matthew Thomas, Vern

Understanding the Domain Registration Behavior of Spammers Shuang Hao, Matthew Thomas, Vern

Understanding the Domain Registration Behavior of Spammers Shuang Hao, Matthew Thomas, Vern Paxson, Nick Feamster, Christian Kreibich, Chris Grier, Scott Hollenbeck Overview Domain Abuse Domain names represent valuable Internet resources

653 views • 25 slides
Our research focus Cancer research Cancer development / progression (e.g. Breast, Ewing's

Our research focus Cancer research Cancer development / progression (e.g. Breast, Ewing's

Our research focus Cancer research Cancer development / progression (e.g. Breast, Ewing's Sarcoma, Osteosarcoma) R package to analyze genomic alterations and Prognostic / therapeutic factors tumor pathways based on array data

255 views • 3 slides
GETTING STARTED WE WANT TO DRAW GOOD DATA GRAPHICS REPRODUCIBLY Abstraction in Software Less

GETTING STARTED WE WANT TO DRAW GOOD DATA GRAPHICS REPRODUCIBLY Abstraction in Software Less

GETTING STARTED WE WANT TO DRAW GOOD DATA GRAPHICS REPRODUCIBLY Abstraction in Software Less More Easy things are awkward Easy things are trivial Hard things are straightforward Hard things are really awkward Really hard things are

1.42k views • 112 slides
Clumpy galaxies at high redshift: Insights from the NIHAO simulations Buck et al. 2017 (MNRAS) -

Clumpy galaxies at high redshift: Insights from the NIHAO simulations Buck et al. 2017 (MNRAS) -

Clumpy galaxies at high redshift: Insights from the NIHAO simulations Buck et al. 2017 (MNRAS) - arXiv:1612.05277 Gas in Galaxies Valetta 6th of October Tobias Buck Andrea V. Macci, Aura Obreja, Aaron A. Dutton, Hans-Walter Rix PhD student

552 views • 39 slides
Transfer Learning from APP Domain to News Domain for Dual Cold-Start Recommendation Jixiong Liu 1

Transfer Learning from APP Domain to News Domain for Dual Cold-Start Recommendation Jixiong Liu 1

Transfer Learning from APP Domain to News Domain for Dual Cold-Start Recommendation Jixiong Liu 1 , Jiakun Shi 1 , Wanling Cai 1 , Bo Liu 2 , Weike Pan 1 Qiang Yang 2 and Zhong Ming 1 { 1455606137,1033150729,382970614 } @qq.com, {

475 views • 23 slides
Test-Time Training with Self-Supervision for Generalization under Distribution Shifts Yu Sun,

Test-Time Training with Self-Supervision for Generalization under Distribution Shifts Yu Sun,

Test-Time Training with Self-Supervision for Generalization under Distribution Shifts Yu Sun, Xiaolong Wang, Zhuang Liu, John Miller, Alexei Efros, Moritz Hardt UC Berkeley ICML 2020 same distribution P = Q x: train set o: test set x x o x

831 views • 52 slides
Common Errors In OWL Alan Rector, Nick Drummond, Matthew Horridge, Holger Knublauch, Jeremy

Common Errors In OWL Alan Rector, Nick Drummond, Matthew Horridge, Holger Knublauch, Jeremy

Common Errors In OWL Alan Rector, Nick Drummond, Matthew Horridge, Holger Knublauch, Jeremy Rogers, Robert Stevens, Hai Wang, Chris Wroe Introduction The examples in this talk are based on courses about OWL that are taught at The University

738 views • 24 slides
3D-RADNet: Extracting labels from DICOM metadata for training general medical domain deep 3D

3D-RADNet: Extracting labels from DICOM metadata for training general medical domain deep 3D

DEPARTMENT OF DIAGNOSTIC RADIOLOGY 3D-RADNet: Extracting labels from DICOM metadata for training general medical domain deep 3D convolution neural networks Richard Du, MSc &amp; Varut Vardhanabhuti, FRCR, PhD DEPARTMENT OF DIAGNOSTIC

273 views • 11 slides

More recommend