From the edge to the core : towards informed vantage point selection for internet measurement studies

Since the early days of the Internet, measurement scientists are trying to keep up with the fast-paced development of the Internet. As the Internet grew organically over time and without build-in measurability, this process requires many workarounds and due diligence. As a result, every measurement study is only as good as the data it relies on. Moreover, data quality is relative to the research question—a data set suitable to analyze one problem may be insufficient for another. This is entirely expected as the Internet is decentralized, i.e., there is no single observation point from which we can assess the complete state of the Internet. Because of that, every measurement study needs specifically selected vantage points, which fit the research question. In this thesis, we present three different vantage points across the Internet topology— from the edge to the Internet core. We discuss their specific features, suitability for different kinds of research questions, and how to work with the corresponding data. The data sets obtained at the presented vantage points allow us to conduct three different measurement studies and shed light on the following aspects: (a) The prevalence of IP source address spoofing at a large European Internet Exchange Point (IXP), (b) the propagation distance of BGP communities, an optional transitive BGP attribute used for traffic engineering, and (c) the impact of the global COVID-19 pandemic on Internet usage behavior at a large Internet Service Provider (ISP) and three IXPs.Seit den frühen Tagen des Internets versuchen Forscher im Bereich Internet Measu- rement, mit der rasanten Entwicklung des des Internets Schritt zu halten. Da das Internet im Laufe der Zeit organisch gewachsen ist und nicht mit Blick auf Messbar- keit entwickelt wurde, erfordert dieser Prozess eine Meg Workarounds und Sorgfalt. Jede Measurement Studie ist nur so gut wie die Daten, auf die sie sich stützt. Und Datenqualität ist relativ zur Forschungsfrage - ein Datensatz, der für die Analyse eines Problems geeiget ist, kann für ein anderes unzureichend sein. Dies ist durchaus zu erwarten, da das Internet dezentralisiert ist, d. h. es gibt keinen einzigen Be- obachtungspunkt, von dem aus wir den gesamten Zustand des Internets beurteilen können. Aus diesem Grund benötigt jede Measurement Studie gezielt ausgewählte Beobachtungspunkte, die zur Forschungsfrage passen. In dieser Arbeit stellen wir drei verschiedene Beobachtungspunkte vor, die sich über die gsamte Internet-Topologie erstrecken— vom Rand bis zum Kern des Internets. Wir diskutieren ihre spezifischen Eigenschaften, ihre Eignung für verschiedene Klas- sen von Forschungsfragen und den Umgang mit den entsprechenden Daten. Die an den vorgestellten Beobachtungspunkten gewonnenen Datensätze ermöglichen uns die Durchführung von drei verschiedenen Measurement Studien und damit die folgenden Aspekte zu beleuchten: (a) Die Prävalenz von IP Source Address Spoofing bei einem großen europäischen Internet Exchange Point (IXP), (b) die Ausbreitungsdistanz von BGP-Communities, ein optionales transitives BGP-Attribut, das Anwendung im Bereich Traffic-Enigneering findet sowie (c) die Auswirkungen der globalen COVID- 19-Pandemie auf das Internet-Nutzungsverhalten an einem großen Internet Service Provider (ISP) und drei IXPs

Transaction protocols for self-organizing systems of autonomous entities

Self-organizing systems of autonomous entities have gained wide-spread attention in the research community. The most difficult problem of such systems is that autonomous entities may choose between cooperation and defection in the transactions they participate. In internet based eCommerce, transaction protocols (so-called exchange protocols) are applied for this purpose. Yet, it has been repeatedly conjectured that such protocols are not applicable to self-organizing systems. Distributed reputation systems have been proposed as a means of compensating for such lack of applicability. Still, there is no analysis of the applicability of transaction protocols and their relationship with distributed reputation systems

Improving the accuracy of spoofed traffic inference in inter-domain traffic

Ascertaining that a network will forward spoofed traffic usually requires an active probing vantage point in that network, effectively preventing a comprehensive view of this global Internet vulnerability. We argue that broader visibility into the spoofing problem may lie in the capability to infer lack of Source Address Validation (SAV) compliance from large, heavily aggregated Internet traffic data, such as traffic observable at Internet Exchange Points (IXPs). The key idea is to use IXPs as observatories to detect spoofed packets, by leveraging Autonomous System (AS) topology knowledge extracted from Border Gateway Protocol (BGP) data to infer which source addresses should legitimately appear across parts of the IXP switch fabric. In this thesis, we demonstrate that the existing literature does not capture several fundamental challenges to this approach, including noise in BGP data sources, heuristic AS relationship inference, and idiosyncrasies in IXP interconnec- tivity fabrics. We propose Spoofer-IX, a novel methodology to navigate these challenges, leveraging Customer Cone semantics of AS relationships to guide precise classification of inter-domain traffic as In-cone, Out-of-cone ( spoofed ), Unverifiable, Bogon, and Unas- signed. We apply our methodology on extensive data analysis using real traffic data from two distinct IXPs in Brazil, a mid-size and a large-size infrastructure. In the mid-size IXP with more than 200 members, we find an upper bound volume of Out-of-cone traffic to be more than an order of magnitude less than the previous method inferred on the same data, revealing the practical importance of Customer Cone semantics in such analysis. We also found no significant improvement in deployment of SAV in networks using the mid-size IXP between 2017 and 2019. In hopes that our methods and tools generalize to use by other IXPs who want to avoid use of their infrastructure for launching spoofed-source DoS attacks, we explore the feasibility of scaling the system to larger and more diverse IXP infrastructures. To promote this goal, and broad replicability of our results, we make the source code of Spoofer-IX publicly available. This thesis illustrates the subtleties of scientific assessments of operational Internet infrastructure, and the need for a community focus on reproducing and repeating previous methods.A constatação de que uma rede encaminhará tráfego falsificado geralmente requer um ponto de vantagem ativo de medição nessa rede, impedindo efetivamente uma visão abrangente dessa vulnerabilidade global da Internet. Isto posto, argumentamos que uma visibilidade mais ampla do problema de spoofing pode estar na capacidade de inferir a falta de conformidade com as práticas de Source Address Validation (SAV) a partir de dados de tráfego da Internet altamente agregados, como o tráfego observável nos Internet Exchange Points (IXPs). A ideia chave é usar IXPs como observatórios para detectar pacotes falsificados, aproveitando o conhecimento da topologia de sistemas autônomos extraído dos dados do protocolo BGP para inferir quais endereços de origem devem aparecer legitimamente nas comunicações através da infra-estrutura de um IXP. Nesta tese, demonstramos que a literatura existente não captura diversos desafios fundamentais para essa abordagem, incluindo ruído em fontes de dados BGP, inferência heurística de relacionamento de sistemas autônomos e características específicas de interconectividade nas infraestruturas de IXPs. Propomos o Spoofer-IX, uma nova metodologia para superar esses desafios, utilizando a semântica do Customer Cone de relacionamento de sistemas autônomos para guiar com precisão a classificação de tráfego inter-domínio como In-cone, Out-of-cone ( spoofed ), Unverifiable, Bogon, e Unassigned. Aplicamos nossa metodologia em análises extensivas sobre dados reais de tráfego de dois IXPs distintos no Brasil, uma infraestrutura de médio porte e outra de grande porte. No IXP de tamanho médio, com mais de 200 membros, encontramos um limite superior do volume de tráfego Out-of-cone uma ordem de magnitude menor que o método anterior inferiu sob os mesmos dados, revelando a importância prática da semântica do Customer Cone em tal análise. Além disso, não encontramos melhorias significativas na implantação do Source Address Validation (SAV) em redes usando o IXP de tamanho médio entre 2017 e 2019. Na esperança de que nossos métodos e ferramentas sejam aplicáveis para uso por outros IXPs que desejam evitar o uso de sua infraestrutura para iniciar ataques de negação de serviço através de pacotes de origem falsificada, exploramos a viabilidade de escalar o sistema para infraestruturas IXP maiores e mais diversas. Para promover esse objetivo e a ampla replicabilidade de nossos resultados, disponibilizamos publicamente o código fonte do Spoofer-IX. Esta tese ilustra as sutilezas das avaliações científicas da infraestrutura operacional da Internet e a necessidade de um foco da comunidade na reprodução e repetição de métodos anteriores

A model for privacy-aware presence management in mobile communications

As humans we find communicating natural and compelling. Over the centuries we have created many innovations which enable and improve communication between people; during the past decade mobile phone networks have brought about a technological revolution in this area. Never before have people been so connected to one another. Today we have the ability to communicate with almost anyone, anytime, anywhere. Our increased connectivity and reachability also leads to new issues and challenges that we need to deal with. When we phone someone we expect an instant connection, and when this does not occur it can be frustrating. On the other hand it is equally disruptive to receive a call when one is busy with an important task or in a situation where communication is inappropriate. Social protocol dictates that we try to minimize such situations for the benefit of others nearby and for ourselves. This management of communications is a constant and difficult task. Using presence – which signals a person’s availability and willingness to communicate – is a solution to this problem. Such information can benefit communication partners by increasing the likelihood of a successful connection and decreasing disruptions. This research addresses the problem of staying connected while keeping control over mobile communications. It adopts a design-science research paradigm, with the primary research artifact being a model for privacy-aware presence management in mobile communications. As part of the model development knowledge contributions are made in several ways. Existing knowledge about the problem area is extended through a quantitative analysis of mobile communications management. This analysis uses a novel survey, collecting useful empirical data for future research. This includes how people currently manage their communications and what features they expect from a potential “call management” system. The examination and use of presence standards, as a foundation for the model, provides a comparison of the main presence technologies available today. A focus on privacy features identifies several shortcomings in standards which, if addressed, can help to improve and make these standards more complete. The model stresses the privacy of potentially sensitive presence information. A unique perspective based on social relationship theories is adopted. The use of relationship groups not only makes logical sense but also assists in the management of presence information and extends existing standards. Finally, the evaluation of the model demonstrates the feasibility of a practical implementation as well the ability to extend the model in next generation mobile networks. Thus the model presents a solid foundation for the development of future services. In these ways the proposed model contributes positively towards balancing efficient mobile communications with the need for privacy-awareness

Moving Away from Foreign Aid: A Case Study of Afghanistan

After the United States invasion of 2001 that toppled the Taliban’s Islamic Emirate, a Republic Government was established in Afghanistan. The newly formed Government could not raise adequate public revenue to meet the growing public expenditure, which resulted in a large fiscal deficit. As the Afghan government could not afford debt-financing, it relied on foreign aid grants to fill the fiscal deficit. Since 2002, foreign aid grants influx helped the Afghan Government (and the economy) in many ways. However, a continued and massive reliance on foreign aid grants had several counterproductive consequences for the country, too. To understand the sources and implications of aid-dependency, as well as explore the potential solutions for overcoming aid-dependency, the author conducted this research. This research study uses a mixed research method, and the analysis is based on primary and secondary data. This research’s findings indicate that the small size of the economy, informality, high unemployment, lack of technical and institutional capacity, high level of corruption, and enormous military spending are some of the main reasons impeding the enhancement of domestic public resource mobilization (DPRM) in Afghanistan. To overcome these challenges, the author recommended short-term, medium-term, and long-term policy recommendations that could have a reasonable chance of success to enhance DPRM in Afghanistan. These recommendations are based on the analysis of the situation in Afghanistan and the lessons learned from other countries

Harnessing Knowledge, Innovation and Competence in Engineering of Mission Critical Systems

This book explores the critical role of acquisition, application, enhancement, and management of knowledge and human competence in the context of the largely digital and data/information dominated modern world. Whilst humanity owes much of its achievements to the distinct capability to learn from observation, analyse data, gain insights, and perceive beyond original realities, the systematic treatment of knowledge as a core capability and driver of success has largely remained the forte of pedagogy. In an increasingly intertwined global community faced with existential challenges and risks, the significance of knowledge creation, innovation, and systematic understanding and treatment of human competence is likely to be humanity's greatest weapon against adversity. This book was conceived to inform the decision makers and practitioners about the best practice pertinent to many disciplines and sectors. The chapters fall into three broad categories to guide the readers to gain insight from generic fundamentals to discipline-specific case studies and of the latest practice in knowledge and competence management

Harnessing Knowledge, Innovation and Competence in Engineering of Mission Critical Systems

This book explores the critical role of acquisition, application, enhancement, and management of knowledge and human competence in the context of the largely digital and data/information dominated modern world. Whilst humanity owes much of its achievements to the distinct capability to learn from observation, analyse data, gain insights, and perceive beyond original realities, the systematic treatment of knowledge as a core capability and driver of success has largely remained the forte of pedagogy. In an increasingly intertwined global community faced with existential challenges and risks, the significance of knowledge creation, innovation, and systematic understanding and treatment of human competence is likely to be humanity's greatest weapon against adversity. This book was conceived to inform the decision makers and practitioners about the best practice pertinent to many disciplines and sectors. The chapters fall into three broad categories to guide the readers to gain insight from generic fundamentals to discipline-specific case studies and of the latest practice in knowledge and competence management