An Internet Heartbeat

Obtaining sound inferences over remote networks via active or passive measurements is difficult. Active measurement campaigns face challenges of load, coverage, and visibility. Passive measurements require a privileged vantage point. Even networks under our own control too often remain poorly understood and hard to diagnose. As a step toward the democratization of Internet measurement, we consider the inferential power possible were the network to include a constant and predictable stream of dedicated lightweight measurement traffic. We posit an Internet "heartbeat," which nodes periodically send to random destinations, and show how aggregating heartbeats facilitates introspection into parts of the network that are today generally obtuse. We explore the design space of an Internet heartbeat, potential use cases, incentives, and paths to deployment

IPv6 Network Mobility

Network Authentication, Authorization, and Accounting has been used since before the days of the Internet as we know it today. Authentication asks the question, “Who or what are you?” Authorization asks, “What are you allowed to do?” And fi nally, accounting wants to know, “What did you do?” These fundamental security building blocks are being used in expanded ways today. The fi rst part of this two-part series focused on the overall concepts of AAA, the elements involved in AAA communications, and highlevel approaches to achieving specifi c AAA goals. It was published in IPJ Volume 10, No. 1[0]. This second part of the series discusses the protocols involved, specifi c applications of AAA, and considerations for the future of AAA

A Brave New World: Studies on the Deployment and Security of the Emerging IPv6 Internet.

Recent IPv4 address exhaustion events are ushering in a new era of rapid transition to the next generation Internet protocol---IPv6. Via Internet-scale experiments and data analysis, this dissertation characterizes the adoption and security of the emerging IPv6 network. The work includes three studies, each the largest of its kind, examining various facets of the new network protocol's deployment, routing maturity, and security. The first study provides an analysis of ten years of IPv6 deployment data, including quantifying twelve metrics across ten global-scale datasets, and affording a holistic understanding of the state and recent progress of the IPv6 transition. Based on cross-dataset analysis of relative global adoption rates and across features of the protocol, we find evidence of a marked shift in the pace and nature of adoption in recent years and observe that higher-level metrics of adoption lag lower-level metrics. Next, a network telescope study covering the IPv6 address space of the majority of allocated networks provides insight into the early state of IPv6 routing. Our analyses suggest that routing of average IPv6 prefixes is less stable than that of IPv4. This instability is responsible for the majority of the captured misdirected IPv6 traffic. Observed dark (unallocated destination) IPv6 traffic shows substantial differences from the unwanted traffic seen in IPv4---in both character and scale. Finally, a third study examines the state of IPv6 network security policy. We tested a sample of 25 thousand routers and 520 thousand servers against sets of TCP and UDP ports commonly targeted by attackers. We found systemic discrepancies between intended security policy---as codified in IPv4---and deployed IPv6 policy. Such lapses in ensuring that the IPv6 network is properly managed and secured are leaving thousands of important devices more vulnerable to attack than before IPv6 was enabled. Taken together, findings from our three studies suggest that IPv6 has reached a level and pace of adoption, and shows patterns of use, that indicates serious production employment of the protocol on a broad scale. However, weaker IPv6 routing and security are evident, and these are leaving early dual-stack networks less robust than the IPv4 networks they augment.PhDComputer Science and EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/120689/1/jczyz_1.pd

An Analysis of Internet Background Radiation within an African IPv4 netblock

The use of passive network sensors has in the past proven to be quite effective in monitoring and analysing the current state of traffic on a network. Internet traffic destined to a routable, yet unused address block is often referred to as Internet Background Radiation (IBR) and characterised as unsolicited. This unsolicited traffic is however quite valuable to researchers in that it allows them to study the traffic patterns in a covert manner. IBR is largely composed of network and port scanning traffic, backscatter packets from virus and malware activity and to a lesser extent, misconfiguration of network devices. This research answers the following two questions: (1) What is the current state of IBR within the context of a South African IP address space and (2) Can any anomalies be detected in the traffic, with specific reference to current global malware attacks such as Mirai and similar. Rhodes University operates five IPv4 passive network sensors, commonly known as network telescopes, each monitoring its own /24 IP address block. The oldest of these network telescopes has been collecting traffic for over a decade, with the newest being established in 2011. This research focuses on the in-depth analysis of the traffic captured by one telescope in the 155/8 range over a 12 month period, from January to December 2017. The traffic was analysed and classified according the protocol, TCP flag, source IP address, destination port, packet count and payload size. Apart from the normal network traffic graphs and tables, a geographic heatmap of source traffic was also created, based on the source IP address. Spikes and noticeable variances in traffic patterns were further investigated and evidence of Mirai like malware activity was observed. Network and port scanning were found to comprise the largest amount of traffic, accounting for over 90% of the total IBR. Various scanning techniques were identified, including low level passive scanning and much higher level active scanning

Enabling and Understanding Failure of Engineering Structures Using the Technique of Cohesive Elements

In this paper, we describe a cohesive zone model for the prediction of failure of engineering solids and/or structures. A damage evolution law is incorporated into a three-dimensional, exponential cohesive law to account for material degradation under the influence of cyclic loading. This cohesive zone model is implemented in the finite element software ABAQUS through a user defined subroutine. The irreversibility of the cohesive zone model is first verified and subsequently applied for studying cyclic crack growth in specimens experiencing different modes of fracture and/or failure. The crack growth behavior to include both crack initiation and crack propagation becomes a natural outcome of the numerical simulation. Numerical examples suggest that the irreversible cohesive zone model can serve as an efficient tool to predict fatigue crack growth. Key issues such as crack path deviation, convergence and mesh dependency are also discussed

High-Speed Mobile Networks for Modern Farming and Agricultural Systems

ABSTRACT High-Speed Mobile Networks for Modern Farming and Agricultural Systems J.Santos Najar-Ramirez High-speed mobile networks are necessary for agriculture to inventory individual plant health, maximize yield and minimize the resources applied. More specifically, real-time information on individual plant status is critical to decisions regarding the management of resources reserved and expended. This necessity can be met by the availability of environmental sensors (such as humidity, temperature, and pH) whose data is kept on storage servers connected to static and mobile local area networks. These static and mobile local area networks are connected to cellular, core and satellite networks. For instance, agricultural experts remotely working on vast acreage farms from business offices or while traveling can easily connect their notebook computers and other portable devices to these networks in order to check farm status, send email, read industry news or arrange a visit to neighbor farms or suppliers. Today, several mobile phone companies offer broadband service with 2Mbps downlink in rural and dense urban areas, however, they do not typically exist in farm areas. Although these networks (such as 802.11ac/n, 3G, 4G, etc) are significant achievements, they do not meet the projected needs of the agricultural industry. The present use model of high-speed networks for email and multimedia content, together with agriculture’s expected intensive use of real-time plant and environmental condition monitoring, with statistics/plots and real-time high resolution video, necessitates a highly integrated and highly available networked system. For agricultural experts, attentive to market needs, seamless high-speed wireless communication ‘anywhere, anytime at any speed’ is critical to enhancing their productivity and crop yields