National Science Foundation Update -- Mysteries of the Unregulated Internet

[David Farber <dave () farber net>]

Begin forwarded message:

From: bobr () bobrosenberg phoenix az us
Date: October 3, 2008 1:41:53 AM EDT
To: dave () farber net
Subject: National Science Foundation Update   --   Mysteries of the   
Unregulated Internet

Hi Dave

Perhaps interesting to I.P.

Cheers,
Bob

--
Bob Rosenberg
P.O. Box 33023
Phoenix, AZ  85067-3023
Mobile:  602-206-2856
LandLine:  602-274-3012
bob () bobrosenberg phoenix az us

**************

"Once a government is committed to the principle of silencing the  
voice of
opposition, it has only one way to go, and that is down the path of  
increasingly
repressive measures, until it becomes a source of terror to all its  
citizens and
creates a country where everyone lives in fear."
-- President Harry S. Truman, message to Congress, August 8, 1950


**************



From: National Science Foundation Update <nsf-update () nsf gov>
Date: Wed, 1 Oct 2008 16:17:10 -0500 (CDT)
Subject: Mysteries of the Unregulated Internet

Mysteries of the Unregulated Internet

Image showing a visualization study of inbound traffic on the NSFNET  
T1 backbone for
September 1991. Researchers develop an alert system and protocol  
improvements to
keep Internet traffic flowing smoothly
More at http://www.nsf.gov/discoveries/disc_summ.jsp?cntn_id=111970&govDel=USNSF_1


This is an NSF Discoveries item.



Discovery
Mysteries of the Unregulated Internet

Researchers develop an alert system and protocol improvements to keep  
Internet
traffic flowing smoothly
Image showing a visualization study of inbound traffic on the NSFNET  
T1 backbone for
September 1991.

Image of a visualization study of inbound traffic on the NSFNET T1  
backbone for
September 1991.
Credit and Larger Version

September 29, 2008

One Sunday afternoon last February, the YouTube Web site disappeared  
from the
Internet. YouTube didn't take it down.

The problem came from Pakistan, when a telecommunications company  
suddenly began
rerouting traffic to and from the Web site into an Internet black hole.

Incidents like this fascinate University of New Mexico (UNM) graduate  
student Josh
Karlin. With a National Science Foundation (NSF) grant, he built and  
posted an
Internet Alert Registry (IAR) that automatically sends an e-mail to  
registered
Internet service providers when there is trouble with traffic in their  
section of
the World Wide Web. The registry is free and any Internet service  
provider can sign
up for the warnings.

What happened with YouTube

Karlin says anomalies in the way Internet traffic flows show up nearly  
200 times a
day. Most of the problems are small and disappear in a few hours. A  
few, like the
hijacked YouTube traffic, are big and require Internet Service  
Providers (ISPs) to
work together to solve the problem.

"What happened is the ISPs that were close to Pakistan Telecom, that  
were in fact
forwarding Pakistan's data, said 'Oh, this is obviously wrong. We're  
not going to
propagate it.' And then they shut it off," said Karlin. "They filtered  
it out and
then suddenly the problem disappeared and YouTube was getting data  
again."

Karlin points out most users don't think much about how the Internet  
works. He says
we assume someone, somewhere is in charge, taking care of problems,  
settling
disputes, and punishing troublemakers.

But that's not true. The Internet works because thousands of  
independent ISPs work
cooperatively together to keep traffic running smoothly.

How it all works

Every computer in the world that is connected to the Internet has an  
address. Those
addresses come from the Internet Assigned Number Authority (IANA).  
That entity
assigns the numbers, but it doesn't police them.

"The IANA has been giving out these addresses for a very long time,  
and people have
lost track of where they've gone," said Karlin. "So, some companies  
that were given
Internet Protocol (IP) addresses have folded or sold them to other  
companies or
broken them down into small blocks and given them out to other people,  
so nobody
really knows what's where."

For instance, the University of New Mexico has thousands of Internet  
addresses
assigned to it. But there is no agency that monitors whether UNM only  
uses the
addresses it has been assigned. So how does any ISP sort out what is  
legitimate and
what is not?

There are dozens of companies that sell services to help ISPs sort out  
suspicious
activity from normal traffic. The IAR will alert providers as well.  
But researchers
are only now trying to figure out how to handle suspicious traffic  
when it suddenly
appears.

Karlin is one of them. He and his advisor, UNM computer science  
professor Stephanie
Forrest, and Princeton University computer sciences professor Jennifer  
Rexford are
working on an improvement to the Border Gateway Protocol. The  
modification changes
preference to allow ISPs to automatically route traffic around a  
source that makes
an unexpected change in routing.

Getting around problems

Their protocol emphasizes the status quo. If traffic is flowing along  
like it is
normally, it means everything is ok. If traffic suddenly begins to  
flow in a
different way, the yellow flags go up and their protocol automatically  
selects a
more stable and trusted route.

That buys time for the ISPs to figure out whether this is a traffic  
hijacking, as
occurred in the YouTube case, or not. If an alarm is raised, as it was  
by YouTube,
the ISP can avoid using the anomalous route.

The Internet Alert System and the new protocol will eventually work  
together so that
routers can automatically avoid suspicious routes while the pertinent  
ISPs are
informed of the problem. This way, potential problems unfold slowly  
rather than
instantly.

Karlin has noted that the Internet began as a messaging system between  
researchers
who trusted each other, and so far the system still basically works on  
the idea that
routes being advertised around the world are correct. But as more and  
more networks
join the Internet, the likelihood increases that mistakes will be made  
that cause
problems. Karlin's new protocol treats the mistakes as mistakes rather  
than attacks
and allows for a positive, rather than a punitive, solution.

-- Karen Wentworth, University of New Mexico kwent2 () unm edu

This Behind the Scenes article was provided to LiveScience in  
partnership with the
National Science Foundation.

Investigators
Josh Karlin
Stephanie Forrest
Jennifer Rexford

Related Institutions/Organizations
University of New Mexico
Princeton University

Locations
New Mexico
New Jersey

Related Programs
Trusted Computing

Related Awards
#0311686 Collaborative Research: Automated and Adaptive Diversity for  
Improving
Computer Systems Security

Total Grants
$250,000

Related Websites
LiveScience.com: Behind the Scenes: Mysteries of the Unregulated  
Internet:
http://www.livescience.com/technology/080725-bts-internet-traffic.html
Internet Alert Registry: http://iar.cs.unm.edu/







-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com