Proceedings of the Internet Measurement Conference 2018: Latest Articles

Learning Regexes to Extract Router Names from Hostnames
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355589
M. Luckie, B. Huffaker, K. Claffy
We present the design, implementation, evaluation, and validation of a system that automatically learns to extract router names (router identifiers) from hostnames stored by network operators in different DNS zones, which we represent by regular expressions (regexes). Our supervised-learning approach evaluates automatically generated candidate regexes against sets of hostnames for IP addresses that other alias resolution techniques previously inferred to identify interfaces on the same router. Conceptually, if three conditions hold: (1) a regex extracts the same value from a set of hostnames associated with IP addresses on the same router; (2) the value is unique to that router; and (3) the regex extracts names for multiple routers in the suffix, then we conclude the regex accurately represents the naming convention for the suffix. We train our system using router aliases inferred from active probing to learn regexes for 2550 different suffixes. We then demonstrate the utility of this system by using the regexes to find 105% additional aliases for these suffixes. Regexes inferred in IPv4 perfectly predict aliases for ≈85% of suffixes with IPv6 aliases, i.e., IPv4 and IPv6 addresses representing the same underlying router, and find 9.0 times more routers in IPv6 than found by prior techniques.
Citations: 17
ECON: Modeling the network to improve application performance
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355578
Yi Cao, Javad Nejati, A. Balasubramanian, Anshul Gandhi
Given the growing significance of network performance, it is crucial to examine how to make the most of available network options and protocols. We propose ECON, a model that predicts performance of applications under different protocols and network conditions to scalably make better network choices. ECON is built on an analytical framework to predict TCP performance, and uses the TCP model as a building block for predicting application performance. ECON infers a relationship between loss and congestion using empirical data that drives an online model to predict TCP performance. ECON then builds on the TCP model to predict latency and HTTP performance. Across four wired and one wireless network, our model outperforms seven alternative TCP models. We demonstrate how ECON (i) can be used by a Web server application to choose between HTTP/1.1 and HTTP/2 for a given Web page and network condition, and (ii) can be used by a video application to choose the optimal bitrate that maximizes video quality without rebuffering.
Citations: 6
When to use and when not to use BBR: An empirical analysis and evaluation study
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355579
Yi Cao, Arpit Jain, K. Sharma, A. Balasubramanian, Anshul Gandhi
This short paper presents a detailed empirical study of BBR's performance under different real-world and emulated testbeds across a range of network operating conditions. Our empirical results help to identify network conditions under which BBR outperforms, in terms of goodput, contemporary TCP congestion control algorithms. We find that BBR is well suited for networks with shallow buffers, despite its high retransmissions, whereas existing loss-based algorithms are better suited for deep buffers. To identify the root causes of BBR's limitations, we carefully analyze our empirical results. Our analysis reveals that, contrary to BBR's design goal, BBR often exhibits large queue sizes. Further, the regimes where BBR performs well are often the same regimes where BBR is unfair to competing flows. Finally, we demonstrate the existence of a loss rate "cliff point" beyond which BBR's goodput drops abruptly. Our empirical investigation identifies the likely culprits in each of these cases as specific design options in BBR's source code.
Citations: 20
A Longitudinal Analysis of the ads.txt Standard
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355603
M. Bashir, Sajjad Arshad, E. Kirda, William K. Robertson, Christo Wilson
Programmatic advertising provides digital ad buyers with the convenience of purchasing ad impressions through Real Time Bidding (RTB) auctions. However, programmatic advertising has also given rise to a novel form of ad fraud known as domain spoofing, in which attackers sell counterfeit impressions that claim to be from high-value publishers. To mitigate domain spoofing, the Interactive Advertising Bureau (IAB) Tech Lab introduced the ads.txt standard in May 2017 to help ad buyers verify authorized digital ad sellers, as well as to promote overall transparency in programmatic advertising. In this work, we present a 15-month longitudinal, observational study of the ads.txt standard. We do this to understand (1) if it is helping ad buyers to combat domain spoofing and (2) whether the transparency offered by the standard can provide useful data to researchers and privacy advocates. With respect to halting domain spoofing, we observe that over 60% of Alexa Top-100K publishers that run RTB ads have adopted ads.txt, and that ad exchanges and advertisers appear to be honoring the standard. With respect to transparency, the widespread adoption of ads.txt allows us to explicitly identify over 1,000 domains belonging to ad exchanges, without having to rely on crowdsourcing or heuristic methods. However, we also find that ads.txt is still a long way from reaching its full potential. Many publishers have yet to adopt the standard, and we observe major ad exchanges purchasing unauthorized impressions that violate the standard. This opens the door to domain spoofing attacks. Further, ads.txt data often include errors that must be cleaned and mitigated before the data is practically useful.
Citations: 16
Multiway Reliability Analysis of Mobile Broadband Networks
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355591
Mah-Rukh Fida, E. Acar, A. Elmokashfi
Understanding and characterizing the reliability of a mobile broadband network is a challenging task due to the presence of a multitude of root causes that operate at different temporal and spatial scales. This, in turn, limits the use of classical statistical methods for characterizing the mobile network's reliability. We propose leveraging tensor factorizations, a well-established data mining method, to address this challenge. We represent a year-long time series of outages from two mobile operators as multi-way arrays, and demonstrate how tensor factorizations help in extracting the outage patterns at various time-scales, making it easy to locate possible root causes. Unlike traditional methods of time series analysis, tensor factorizations provide a compact and interpretable picture of outages.
Citations: 3
Internet Performance from Facebook's Edge
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355567
Brandon Schlinker, Ítalo F. S. Cunha, Yi-Ching Chiu, S. Sundaresan, Ethan Katz-Bassett
We examine the current state of user network performance and opportunities to improve it from the vantage point of Facebook, a global content provider. Facebook serves over 2 billion users distributed around the world using a network of PoPs and interconnections spread across 6 continents. In this paper, we execute a large-scale, 10-day measurement study of metrics at the TCP and HTTP layers for production user traffic at all of Facebook's PoPs worldwide, collecting performance measurements for hundreds of trillions of sampled HTTP sessions. We discuss our approach to collecting and analyzing measurements, including a novel approach to characterizing user achievable goodput from the server side. We find that most user sessions have MinRTT less than 39ms and can support HD video. We investigate if it is possible to improve performance by incorporating performance information into Facebook's routing decisions; we find that default routing by Facebook is largely optimal. To our knowledge, our measurement study is the first characterization of user performance on today's Internet from the vantage point of a global content provider.
Citations: 41
Roll, Roll, Roll your Root: A Comprehensive Analysis of the First Ever DNSSEC Root KSK Rollover
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355570
M. Müller, Matthew Thomas, D. Wessels, W. Hardaker, Taejoong Chung, W. Toorop, R. V. Rijswijk-Deij
The DNS Security Extensions (DNSSEC) add authenticity and integrity to the naming system of the Internet. Resolvers that validate information in the DNS need to know the cryptographic public key used to sign the root zone of the DNS. Eight years after its introduction and one year after the originally scheduled date, this key was replaced by ICANN for the first time in October 2018. ICANN considered this event, called a rollover, "an overwhelming success" and during the rollover they detected "no significant outages". In this paper, we independently follow the process of the rollover starting from the events that led to its postponement in 2017 until the removal of the old key in 2019. We collected data from multiple vantage points in the DNS ecosystem for the entire duration of the rollover process. Using this data, we study key events of the rollover. These events include telemetry signals that led to the rollover being postponed, a near real-time view of the actual rollover in resolvers and a significant increase in queries to the root of the DNS once the old key was revoked. Our analysis contributes significantly to identifying the causes of challenges observed during the rollover. We show that while from an end-user perspective, the roll indeed passed without major problems, there are many opportunities for improvement and important lessons to be learned from events that occurred over the entire duration of the rollover. Based on these lessons, we propose improvements to the process for future rollovers.
Citations: 11
Reducing Permission Requests in Mobile Apps
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355584
Sai Teja Peddinti, Igor Bilogrevic, N. Taft, M. Pelikán, Ú. Erlingsson, Pauline Anthonysamy, G. Hogben
Users of mobile apps sometimes express discomfort or concerns with what they see as unnecessary or intrusive permission requests by certain apps. However, encouraging mobile app developers to request fewer permissions is challenging because there are many reasons why permissions are requested; furthermore, prior work [25] has shown it is hard to disambiguate the purpose of a particular permission with high certainty. In this work we describe a novel, algorithmic mechanism intended to discourage mobile-app developers from asking for unnecessary permissions. Developers are incentivized by an automated alert, or "nudge", shown in the Google Play Console when their apps ask for permissions that are requested by very few functionally-similar apps, in other words, by their competition. Empirically, this incentive is effective, with significant developer response since its deployment. Permissions have been redacted by 59% of apps that were warned, and this attenuation has occurred broadly across both app categories and app popularity levels. Importantly, billions of users' app installs from the Google Play have benefited from these redactions.
Citations: 26
Prefix Top Lists: Gaining Insights with Prefixes from Domain-based Top Lists on DNS Deployment
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355598
Johannes Naab, Patrick Sattler, Jonas Jelten, Oliver Gasser, G. Carle
Domain-based top lists such as the Alexa Top 1M strive to portray the popularity of web domains. Even though their shortcomings (e.g., instability, no aggregation, lack of weights) have been pointed out, domain-based top lists still are an important element of Internet measurement studies. In this paper we present the concept of prefix top lists, which ameliorate some of the shortcomings, while providing insights into the importance of addresses of domain-based top lists. With prefix top lists we aggregate domain-based top lists into network prefixes and apply a Zipf distribution to assign weights to each prefix. In our analysis we find that different domain-based top lists provide differentiated views on Internet prefixes. In addition, we observe very small weight changes over time. We leverage prefix top lists to conduct an evaluation of the DNS to classify the deployment quality of domains. We show that popular domains adhere to name server recommendations for IPv4, but IPv6 compliance is still lacking. Finally, we provide these enhanced and more stable prefix top lists to fellow researchers, who can use them to obtain more representative measurement results.
Citations: 7
RPKI is Coming of Age: A Longitudinal Study of RPKI Deployment and Invalid Route Origins
Pub Date : 2019-10-21 DOI: 10.1145/3355369.3355596
Taejoong Chung, E. Aben, Tim Bruijnzeels, B. Chandrasekaran, D. Choffnes, Dave Levin, B. Maggs, A. Mislove, R. V. Rijswijk-Deij, John P. Rula, N. Sullivan
Despite its critical role in Internet connectivity, the Border Gateway Protocol (BGP) remains highly vulnerable to attacks such as prefix hijacking, where an Autonomous System (AS) announces routes for IP space it does not control. To address this issue, the Resource Public Key Infrastructure (RPKI) was developed starting in 2008, with deployment beginning in 2011. This paper performs the first comprehensive, longitudinal study of the deployment, coverage, and quality of RPKI. We use a unique dataset containing all RPKI Route Origin Authorizations (ROAs) from the moment RPKI was first deployed, more than 8 years ago. We combine this dataset with BGP announcements from more than 3,300 BGP collectors worldwide. Our analysis shows that after a gradual start, RPKI has seen a rapid increase in adoption over the past two years. We also show that although misconfigurations were rampant when RPKI was first deployed (causing many announcements to appear as invalid) they are quite rare today. We develop a taxonomy of invalid RPKI announcements, then quantify their prevalence. We further identify suspicious announcements indicative of prefix hijacking and present case studies of likely hijacks. Overall, we conclude that while misconfigurations still do occur, RPKI is "ready for the big screen," and routing security can be increased by dropping invalid announcements. To foster reproducibility and further studies, we release all RPKI data and the tools we used to analyze it into the public domain.
Citations: 49