Internet Routing
XORP: eXtensible Open-source Router Platform
The goal of the XORP project is to develop an open
source software router platform that is stable and fully featured enough
for production use, and flexible and extensible enough to enable network
research. Currently XORP implements routing protocols for IPv4 and OPv6
and a unified means to configure them. A future goal is to support
custom hardware and software forwarding architectures.
Network Intrusion Detection
Bro: a Network Intrusion Detection System
Bro is a Unix-based Network Intrusion Detection
System (IDS). Bro monitors network traffic and detects intrusion
attempts based on the traffic characteristics and content. Bro detects
intrusions by comparing network traffic against rules describing events
that are deemed troublesome. These rules might describe activities
(e.g., certain hosts connecting to certain services), what activities
are worth alerting (e.g., attempts to a given number of different hosts
constitutes a "scan"), or signatures describing known attacks or access
to known vulnerabilities. If Bro detects something of interest, it can
be instructed to either issue a log entry or initiate the execution of
an operating system command. It is currently running at LBL, ICSI, and
UC Berkeley. The Bro
Website
Novel Internet Architectures
IRIS: Infrastructure for Resilient Internet
Systems
The NSF funded IRIS project is developing a novel
decentralized infrastructure, based on distributed hash tables (DHTs),
that will enable a new generation of large-scale distributed
applications. DHTs are robust in the face of failures, attacks and
unexpectedly high loads. They are scalable, achieving large system
sizes without incurring undue overhead. They are self-configuring,
automatically incorporating new nodes without manual intervention or
oversight. They provide a simple and flexible interface and are
simultaneously usable by many applications. The IRIS Project
Website. ICSI researchers are working specificaly on a layered naming architecture for the Internet, delegation-oriented architecture, and untangling the web from DNS (Domain Name System).
Packet Obituaries
ICSI research on packet obituaries is funded through the NSF's Robust ITR Program. The Internet is transparent to success but opaque to failure. This veil of ignorance prevents ISPs from detecting failures by peering partners, and hosts from intelligentely adapting their routes to adverse network conditions. To rectify this, Networking Group researchers propose an accountability framework that would tell hosts where their packets have died. There is a preliminary version of this framework which has been analyzed for its viability.
Reactive Network Measurement
Reactive measurement (REM) is a measurement technique in which
one measurement's results are used to decide what (if any) additional
measurements are required to further understand some observed
phenomenon. While reactive measurement has been used on occasion in
measurement studies, what has been lacking is (i) an examination of its
general power, and (ii) a generic framework for facilitating fluid use
of this approach. ICSI researchers believe that by enabling the
coupling of disparate measurement tools, REM holds great promise for
assisting researchers and operators in determining the root causes of
network problems and enabling measurement targeted for specific
conditions. This project aims to explore REM's power by developing a
prototype REM system and applying it to perform a number of measurement
studies. This research is made possible with funding from Cisco
Systems.
Traces
Modeling enterprise traffic: The characteristics of network
traffic within an enterprise have gone unexamined in the
literature for more than a decade. This project aims to develop such a
characterization for modern Internet traffic, as recorded internal to
the Lawrence Berkeley National Laboratory. Such basic questions as
"What are the dominant types of traffic" and "How do the traffic
patterns differ from wide-area Internet traffic" remain unanswered.
Thus, this effort has the potential to yield many interesting and
possibly surprising results.
Internet Congestion Control
The Networking Group is researching methods of Internet congestion control. They have designed a new protocol, Datagram Congestion Control Protocol (DCCP), that combines unreliable datagram delivery with built-in congestion control. DCCP is in the final stages of standardization in the IETF. There
is also research being conducted on congestion control in high BER networks, detecting spurious retransmissions, reducing RTOs in TCP, bursting in transport protocols, and QuickStart, an optional mechanism that flows could use to get approval from routers to send at a high sending rate on a significantly-underutilized path.
Sensornets
Work on Sensornets at ICSI includes practical and robust
geographic routing, beacon-vector routing (BVR) and work towards a
Sensornet Architecture. Researchers improved upon problems with current
geographic routing proposals with the Cross-Link Detection Protocol
(CLDP), which enables provably correct geographic routing on
arbitrary connectivity graphs. Beacon-vector routing assigns
coordinates to nodes based on the vector of distances (hop count) to a
small set of beacons, and then defines a distance metric on these
coordinates. ICSI researchers are working to increase synergy between
research efforts in the field of sensornets through the creation of an
overall sensor network architecture. Such an architecture would identify
the essential components in a manner that transcends particular
generations of technology, allows innovation, and promots
interoperability.
More about the Networking Research Group
>>
top |
