Distinguished Lecture
Paul Barford
University of Wisconsin-Madison
Thursday, August 13, 2009
3147 MEB, LCR
Refreshments 2:00 p.m.
Lecture 2:15 p.m.
Title: Shedding Light on Dark Places in the Internet
Paul Barford
University of Wisconsin-Madison
Thursday, August 13, 2009
3147 MEB, LCR
Refreshments 2:00 p.m.
Lecture 2:15 p.m.
Title: Shedding Light on Dark Places in the Internet
Abstract
The Internet is a vast, complicated and quickly evolving infrastructure that is deeply engrained in world's socio-economic fabric. Our quest is to develop an empirical understanding of the behavioral and structural characteristics of the Internet in order to pave the way for continued growth and diversification of the infrastructure. In the first part of this talk, we will describe our work on DNS traffic monitoring. We develop and apply a new context-aware clustering method that enables DNS analysis to be scaled to expose the desired level of detail of traffic types, and to expose their time varying characteristics. Our application of these methods to a large DNS trace from our campus highlights details of unwanted network behavior and the capabilities of our approach to the general problem of traffic classification. In the second part of the talk, we will describe our work on Internet topology discovery from simple passive measurements of IP packet traffic. We describe algorithms that enable 1) traffic sources that share network paths to be clustered accurately without relying on IP address or autonomous system information, 2) topological structure to be inferred accurately with only a small number of active measurements, 3) missing connectivity information to be recovered, which is a serious challenge in the use of passive packet measurements. This new, passive measurement-based approach offers the promise of near real time topology recovery at cost of the potential loss of some accuracy in resultant maps.
The Internet is a vast, complicated and quickly evolving infrastructure that is deeply engrained in world's socio-economic fabric. Our quest is to develop an empirical understanding of the behavioral and structural characteristics of the Internet in order to pave the way for continued growth and diversification of the infrastructure. In the first part of this talk, we will describe our work on DNS traffic monitoring. We develop and apply a new context-aware clustering method that enables DNS analysis to be scaled to expose the desired level of detail of traffic types, and to expose their time varying characteristics. Our application of these methods to a large DNS trace from our campus highlights details of unwanted network behavior and the capabilities of our approach to the general problem of traffic classification. In the second part of the talk, we will describe our work on Internet topology discovery from simple passive measurements of IP packet traffic. We describe algorithms that enable 1) traffic sources that share network paths to be clustered accurately without relying on IP address or autonomous system information, 2) topological structure to be inferred accurately with only a small number of active measurements, 3) missing connectivity information to be recovered, which is a serious challenge in the use of passive packet measurements. This new, passive measurement-based approach offers the promise of near real time topology recovery at cost of the potential loss of some accuracy in resultant maps.
Bio
Paul Barford an associate professor in the computer science department at the University of Wisconsin-Madison where he has been since 2001. He received a BS in electrical engineering from the University of Illinois and a PhD in computer science from Boston University. He is the founder and director of the Wisconsin Advanced Internet Laboratory - a widely used network testbed sponsored by Cisco Systems and the NSF. His research is focused on developing new techniques for gathering information on the structure and dynamic behavior of the Internet. He is also focused on developing new methods for protecting networks and systems from malicious attacks, and is the founder of Nemean Networks, a network security start-up company. Prof. Barford has authored numerous publications in highly competitive journals and conferences. He has served on committees of many conferences including ACM SIGCOMM, SIGMETRICS ('10 TPC chair), IMC ('06 TPC chair), CCS and USENIX Security. He is a member of the ACM Internet Measurement Conference steering committee, an associate editor of IEEE/ACM Transactions on Networking, and a voting member of the Board of Directors of the National LambdaRail.
Paul Barford an associate professor in the computer science department at the University of Wisconsin-Madison where he has been since 2001. He received a BS in electrical engineering from the University of Illinois and a PhD in computer science from Boston University. He is the founder and director of the Wisconsin Advanced Internet Laboratory - a widely used network testbed sponsored by Cisco Systems and the NSF. His research is focused on developing new techniques for gathering information on the structure and dynamic behavior of the Internet. He is also focused on developing new methods for protecting networks and systems from malicious attacks, and is the founder of Nemean Networks, a network security start-up company. Prof. Barford has authored numerous publications in highly competitive journals and conferences. He has served on committees of many conferences including ACM SIGCOMM, SIGMETRICS ('10 TPC chair), IMC ('06 TPC chair), CCS and USENIX Security. He is a member of the ACM Internet Measurement Conference steering committee, an associate editor of IEEE/ACM Transactions on Networking, and a voting member of the Board of Directors of the National LambdaRail.
Return to
2009 Events Calendar