Randy's Work Blog

Network Discovery from Passive Measurements was interesting work on cartography. Use of the Record Route option in traceroute, is something we need to look at more seriously than we have. They went specifically after the failure of RocketFuel, that there are many interfaces on a router. Then it got into a daunting disjunctive logic model, which was not something to try at home (exponential in sample size). But it did a lot better than RocketFuel.

Nathan from UW is using many traceroute hacks to try to improve RocketFuel.

Our paper, iSPY: Detecting IP Prefix Hijacking on My Own, went well, probably because the wireless was not working. 🙂

Had a good lunch at Cafe Flora with JR, MM, and two JR students.

None of the p2p presentations grabbed me. And none of the wireless papers either, but it’s far from any of my interests.

WW was also interested in control plane visibility.

In the wireless session, one paper, ZigZag Decoding: Combating Hidden Terminals in Wireless Networks, was pretty sharp. They showed how to recover the packets from 802.11 frames which collided and thus otherwise would have been discarded.

If you were interested in URLs in SPAM, perhaps Spamming Botnets: Signatures and Characteristics might have been interesting to you. Not my cup of tea.

Anja’s group and Vern’s described sampling fiber tap recording. Not sure where the computer science was in this, but it could be operationally useful. See Enriching Network Security Analysis with Time Travel.

There was a quite good paper on radically reducing the state space in regexp evaluation, Deflating the Big Bang: Fast and Scalable Deep Packet Inspection with Extended Finite Automata.

Rationality and Traffic Attraction: Incentives for Honest Path Announcements in BGP used an incentive model to motivate and test if the data plane follows the BGP control plane. This could be used for routing security to test if a neighbor was lying about how it would route traffic given to it. It modeled ASses as rational actors. Bottom line was that Secure BGP could be used to enforce the conditions, but a multi-homed node could announce the path it does not actually use.  It explores additional mechanisms that improve the situation.  Definitely interesting work in the secure BGP area.

The routing session ranged from uninteresting to embarrassing. One paper in particular was a notable disaster, rediscovering the decade+ wisdom that route distribution between protocols is dangerous. Maybe the authors should google “7007 incident.” They claimed to have analyzed router configurations from 1,600 networks and found redistribution in almost all of them. I’ll bet a good diner that, among their other massive lack of clue, they did not know that we all nail up our eBGP prefixes by redistributing special statics into BGP. And it contained not one bit of computer science.

And too many control plane researchers have only studied the one particular large ISP who has wide-scale control plane disasters twice a year, maybe more often than they have management reorgs, hard as that is to believe.  And guess what their solution to all these failures is, add more complexity and control to the network.  Rinse, repeat, …  I wish all my competitors did this.

Things got better in the data center session. One in particular, DCell: A Scalable and Fault-Tolerant Network Structure for Data Centers, a non-hierarchic connection topology, was both interesting operationally and had done the actual formal analysis. OMG, computer science!

What’s Going On? Learning Communication Rules In Edge Networks was a good tool-set for correlation of traffic within a network to understand what traffic flows are related to what others, and how to reveal unexpected and/or anomalous behavior.