Research Summaries

Back Cloud-Based High-Speed IPv6 Internet Topology Discovery

Fiscal Year 2019
Division Graduate School of Operational & Information Sciences
Department Computer Science
Investigator(s) Beverly, Robert E.
Rohrer, Justin P.
Sponsor Laboratory for Telecommunications Sciences (DoD)
Summary In a previous collaboration with LTS, we developed a novel high-speed active network mapping tool, “Yarrp” (Yelling at Random Routers Progressively), offering significantly more performance than the prior state-of-the-art [1]. We evaluated Yarrp performance within a number of cloud-service providers, and eventually used AWS in production for a month of production probing of geographically selected IPv4 prefixes. More recently, we used Yarrp to probe selected IPv6 “hitlists” [2], i.e. target addresses distributed across the routed IPv6 address space, chosen via particular criteria. In this process we have gained significant experience tuning Yarrp parameters, configuring vantage points, and analyzing the effects of various measurement artifacts, such as ICMP rate-limiting, which can drastically affect the collected data. Based on lessons learned, the focus of this proposal includes executing production topology mapping at scale; as well as continuing to push the state-of-the-art with new topology mapping mechanisms. In addition, we propose to follow up on newly-discovered analysis opportunities in IPv6 topology data. As such, we propose the following primary research thrusts:
1. Development and systems integration work to gather multiple Internet topology snapshots per day on a continuous basis using Yarrp and the AWS cloud. These snapshots will provide higher-granularity visibility into the topology than previously possible.
2. Collaborate with CAIDA to bring continuous Yarrp-based IPv6 probing into production. This will yield a sustainable platform for better long-term visibility into the IPv6 Internet.
3. Develop on-demand, distributed and parallelized topology probing from AWS cloud to provide analysis with a new capability.
4. Investigate the security and privacy risks associated with how IPv6 networks are addressed; both mitigation and exploitation of EUI-64 addresses will be explored.
These thrusts are interrelated, but complementary, with each either filling a void in existing measurement capabilities, or building on recent findings to further the state-of-the-art. The end results of this proposed effort is both production data collection, new probing capabilities, and new analysis techniques.
Keywords Deception Measurement Network Security
Publications Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal
Data Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal