The Internet Ecosystem: The Potential for Discrimination

Symposium: Rough Consensus and Running Code: Integrating Engineering Principles into Internet Policy Debates, held at the University of Pennsylvania\u27s Center for Technology Innovation and Competition on May 6-7, 2010. This Article explores how the emerging Internet architecture of cloud computing, content distribution networks, private peering and data-center services can simultaneously foster a perception of unfair network access while at the same time enabling significant competition for services, content, and innovation. A key enabler of these changes is the emergence of technologies that lower the barrier for entry in developing and deploying new services. Another is the design of successful Internet applications, which already accommodate the variation in service afforded by the current Internet. Regulators should be aware of the potential for anti-competitive practices in this broader Internet Ecosystem, but should carefully consider the effects of regulation on that ecosystem

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

Crop Management with the IoT: an Interdisciplinary Survey

In this study we analyze how crop management is going to benefit from the Internet of Things providing an overview of its architecture and components from an agronomic and a technological perspective. The present analysis highlights that IoT is a mature enabling technology, with articulated hardware and software components. Cheap networked devices may sense crop fields at a finer grain, to give timeliness warnings on stress conditions and the presence of disease to a wider range of farmers. Cloud computing allows to reliably store and access heterogeneous data, developing and deploy farm services. From this study emerges that IoT is also going to increase attention to sensor quality and placement protocol, while Machine Learning should be oriented to produce understandable knowledge, which is also useful to enhance Cropping System Simulation systems

Protecting web applications from DDoS attacks by an active distributed defense system

In the last a few years a number of highly publicized incidents of Distributed Denial of Service (DDoS) attacks against high-profile government and commercial websites have made people aware of the importance of providing data and services security to users. A DDoS attack is an availability attack, which is characterized by an explicit attempt from an attacker to prevent legitimate users of a service from using the desired resources. This paper introduces the vulnerability of web applications to DDoS attacks, and presents an active distributed defense system that has a deployment mixture of sub-systems to protect web applications from DDoS attacks. According to the simulation experiments, this system is effective in that it is able to defend web applications against attacks. It can avoid overall network congestion and provide more resources to legitimate web users.<br /

Is Internet access a human right? Linking information and communication technology (ICT) development with global human rights efforts

Peer-reviewed journal article; preprint.The wave of uprisings and protests in Arab nations since late 2010, in part attributed to the use of social media and Internet access, has demonstrated the immense potential of information and communication technologies (ICTs) channeled for democracy. This paper argues that universal access to the global Internet is essential for the preservation of democracy and human rights and places the recent United Nations declaration that Internet access is a human right in the context of ongoing debates about the right to communicate, clarifying the distinction between universal service and the right to communicate. In particular, access to online content, required infrastructure, and ICTs is addressed, underscoring “the unique and transformative nature of the Internet not only to enable individuals to exercise their right to freedom of opinion and expression, but also a range of other human rights, and to promote the progress of society as a whole” (United Nations Human Rights Council, 2011, p.1). A basic right to communicate should also include access to developments such as the World Wide Web and emerging social media, as these are increasingly enabling active citizen participation (Winter & Wedemeyer, 2009). Envisioning participatory policy as grass-roots engagement, I address claims that modern ICTs can be employed to create public spaces for discourse and a reinvigoration of democratic processes (e.g., the Internet as a platform for the “public sphere” as imagined by Habermas, 1991) and emphasize the need to link ICT development with human rights efforts worldwide

A Brave New World: Studies on the Deployment and Security of the Emerging IPv6 Internet.

Recent IPv4 address exhaustion events are ushering in a new era of rapid transition to the next generation Internet protocol---IPv6. Via Internet-scale experiments and data analysis, this dissertation characterizes the adoption and security of the emerging IPv6 network. The work includes three studies, each the largest of its kind, examining various facets of the new network protocol's deployment, routing maturity, and security. The first study provides an analysis of ten years of IPv6 deployment data, including quantifying twelve metrics across ten global-scale datasets, and affording a holistic understanding of the state and recent progress of the IPv6 transition. Based on cross-dataset analysis of relative global adoption rates and across features of the protocol, we find evidence of a marked shift in the pace and nature of adoption in recent years and observe that higher-level metrics of adoption lag lower-level metrics. Next, a network telescope study covering the IPv6 address space of the majority of allocated networks provides insight into the early state of IPv6 routing. Our analyses suggest that routing of average IPv6 prefixes is less stable than that of IPv4. This instability is responsible for the majority of the captured misdirected IPv6 traffic. Observed dark (unallocated destination) IPv6 traffic shows substantial differences from the unwanted traffic seen in IPv4---in both character and scale. Finally, a third study examines the state of IPv6 network security policy. We tested a sample of 25 thousand routers and 520 thousand servers against sets of TCP and UDP ports commonly targeted by attackers. We found systemic discrepancies between intended security policy---as codified in IPv4---and deployed IPv6 policy. Such lapses in ensuring that the IPv6 network is properly managed and secured are leaving thousands of important devices more vulnerable to attack than before IPv6 was enabled. Taken together, findings from our three studies suggest that IPv6 has reached a level and pace of adoption, and shows patterns of use, that indicates serious production employment of the protocol on a broad scale. However, weaker IPv6 routing and security are evident, and these are leaving early dual-stack networks less robust than the IPv4 networks they augment.PhDComputer Science and EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/120689/1/jczyz_1.pd