Report from the Passive and Active Measurement Conference 2012

PAM is the oldest Internet measurement conference, started in 2000. This year’s edition took place in Vienna in March 2012.

The keynote was given by Yuval Shavitt (Tel Aviv University) on “Internet Topology Measurement: Past, Present, Future”. Topology measurements are still an active area of research, as our visibility of the Internet topology is still limited, and subject to significant biases whose impact is still being investigated by the research community.

Session on Malicious Behavior
- Detecting Pedophile Activity in Bittorent Networks: P2P networks are used for various illegal activities, such as pedophile.
- Re-Wiring Activity of Malicious Networks: Malicious networks tend to loose their connectivity when their activities are spotted. This study looks at the visibility of network re-wiring.

Session on Traffic Evolution and Analysis
- Unmasking the Growing UDP Traffic in a Campus Network: UDP traffic is becoming more and more popular, for example in China it has been reported to be as high as 80% is some networks. This paper provides similar evidence from Korea.
- Investigating IPv6 Traffic—What happened at the World IPv6 Day? Despite efforts such as the IPv6 world day, there is still little IPv6 traffic in the Internet. This paper studies what happened during the IPv6 World Day based on two vantage points, one campus network in the US and a large IXP in Germany.
- An End-Host View on Local Traffic at Home and Work: This paper compares local and wide-area traffic from end-hosts connected to different home and work networks.
- Comparison of User Traffic Characteristics on Mobile-Access versus Fixed-Access Networks: Mobile traffic is growing, and we still do not know much about how it differs from traffic seen on wired networks.

Session on Evaluation Methodology
- SyFi: A Systematic Approach for Estimating Stateful Firewall Performance: Firewalls are pervasive in today’s Internet given the need to protect networks from attacks. This paper builds a predictive model of the throughput achieved by commercial firewalls.
- OFLOPS: An Open Framework for OpenFlow Switch Evaluation: Current OpenFlow implementations have different levels of maturity. This work proposes a framework to test OpenFlow implementations capabilities.
- Probe and Pray: Using UPnP for Home Network Measurements: UPnP is nowadays becoming a popular active measurement platform. This paper studies the limitations as well as the usefulness of this platform.

Session on Large Scale Monitoring
- BackStreamDB: A Distributed System for Backbone Traffic Monitoring Providing Arbitrary Measurements in Real-Time. Distributed approaches for traffic monitoring are the future. Nice piece of work.
- A Sequence-oriented Stream Warehouse Paradigm for Network Monitoring Applications. Mining large-scale data is a pain, and networking is no exception. This paper proposes SQL extensions to ease the monitoring of networks by allowing to express sequence-oriented queries in a declarative language.
- PFQ: a Novel Engine for Multi-Gigabit Packet Capturing With Multi-Core Commodity Hardware. Unleashing the power of multi-cores to deliver amazing packet copying to user-space apps!

Session on New Measurement Initiatives
- Difficulties in Modeling SCADA Traffic: A Comparative Analysis: One of the few measurements of M2M traffic. Nothing surprising in terms of traffic properties, given the small scale of these traffic traces.
- Characterizing delays in Norwegian 3G networks: Yet another study of 3G networks. The talk generated heated comments on the limitations of the methodology.
- On 60 GHz Wireless Link Performance in Indoor Environments: Studies the use of 60 GHz wireless indoors and the conditions under which it works (LOS and NLOS). Pretty positive results…
- Geolocating IP Addresses in Cellular Data Networks: Very interesting geolocation paper that confirms previous work on the issues with geolocation databases.

Session on Reassessing Tools and Methods
- Speed Measurements of Residential Internet Access. How do bandwidth probing tools compare when using them to measure the available bandwidth of residential users?
- One-way Traffic Monitoring with iatmon. Using one-way delay measurements to track changes in traffic behavior and classifying different traffic sources.
- A Hands-on Look at Active Probing using the IP Prespecified Timestamp Option. IP options are not very widely used, despite their potential applicability. This work shows more evidence for the discrepancy between RFC and implementations.

Application Protocols
- Xunlei: Peer-Assisted Download Acceleration on a Massive Scale. A must-read: one of the pieces of the future in content delivery platforms!
- Pitfalls in HTTP Traffic Measurements and Analysis. What you should not trust from packet-level data when analyzing HTTP traces.
- A Longitudinal Characterization of Local and Global BitTorrent Workload Dynamics. Nice study of different types of content delivered through BitTorrent (file size, throughput, type of content).

Perspectives on Internet Structure and Services
- Exposing a Nation-Centric View on the German Internet – A Change in Perspective on the AS Level. Trying to define the AS-level ecosystem of Germany, still unclear whether it makes any sense, even though many defense agencies would like to be able to define it.
- Behavior of DNS’ Top Talkers, a .com/.net View. First ever analysis of the .com and .net TLD servers. Very interesting observations about IPv6 DNS, as well as the set of DNS resolvers that are the top talkers with the TLD servers. Must-read for DNS.
- The BIZ Top-Level Domain: Ten Years Later. Thinking about what will happen with the biz domain given the last 10 years or its use, especially defensive registrations. Must-read for DNS.

Report from IEEE INFOCOM 2012

Day 1: Mini-conference
Mini-conference papers are those that were discussed but not accepted in the main conference. They’re borderline papers, though sometimes more thought-provoking than
papers accepted at the main conference. Also, the variety in the topics of these
mini-conference papers is better than those accepted at the main conference.

Day 2: Conference opening, keynote, and afternoon sessions
Conference received about 1500 papers, less than 300 were accepted. A few awards were given during the opening. The keynote was given by Broadcom CTO. The topic was data-centers, very focused on the switch product line of Broadcom. Very limited comments on management or new topics such as OpenFlow were given despite being interesting for the research community.

The main conference was organized as 6 parallel tracks. 10 sessions addressed sensor networks design, showing the increased importance of this topic, strongly related to Internet of Things. A significant fraction of the papers deal with non-wired communications, such as sensors, wireless and mobile communications. Hot topics such as data-centers, cloud/grid, social computing, energy-efficiency, software-defined radio, are of course getting more attention than they used to in the past. The only missing topic surprisingly is optical communications.

Day 3
Sessions on cloud/grid were interesting, covering many aspects of the issues in cloud. INFOCOM being a rather applied theory conference, most of the papers address topics from an optimization, game theory, or performance evaluation viewpoint. The session on network optimization was the most interesting of the day in my opinion, with 3 papers from Google about traffic engineering on the Google network, worth reading.

Day 4
This last day of the conference was very interesting, with sessions on Internet measurement, Future Internet architectures, and Internet routing and router design. Multiple very interesting papers, such as:
- A Hybrid IP Lookup Architecture with Fast Updates: this paper proposes to fast IP lookups by using both TCAM and SRAM/FPGA to ensure updates have limited disruptive impact on lookups.
- Transparent acceleration of software packet forwarding using netmap: bypassing the TCP/IP stack through simplified drivers that allow applications to speak directly with the NICs.

Report from ACM EuroSys MPM2012 workshop

Measurement, Privacy, and Mobility (MPM 2012)

Keynote from Steve Uhlig on content delivery platforms, agile network measurement, and understanding the can ecosystem, the adaptation to change in demand is slow today, so it will be better to use virtualisation technologies to manage the demand shifts. There is growing infrastructure and storage diversity which allows for universal content delivery, so virtualisation can enable mobility and agile services.
dswiss. Secure safe
Attackers have a variety of methods for accessing the data, password solutions are not enough. It is possible to scan the whole ipv4 address space in a day. Trust on cloud providers is based on social prestige. They use secure remote password (srp) in order to avoid MITM attacks on passwords even on insecure channels. In addition to that, a number of key chains and symmetric and asymmetric keys are used to enable document sharing, however if the user forgets their password AND their recovery code, the data is deleted. Encourages providers to prevent employee access to data.

David Evans, malfunction analysis and privacy attacks
Sensors in buildings have privacy implications since they are not protected. Classifying data using tags, enable reflection of physical environment and do reasoning on privacy implications of sensing in the physical world. Tags can be based on sensor, location and time. This allows for analysis of sensitivity of data in different context and using different data sources in conjunction with one another.

Miguel Nunez, Markova based location mobile prediction
Predicting trajectories is important for services such as content delivery, tourist information, weather reports etc. this has been done using raw trajectories or clustering of trajectories using semantic mapping. Using Markova models allows probabilistic prediction of sequence of states, using density joint clusters. They used microsoft geolife data set and their own data set to train and test the n-MMC which gives them about 70-80% accuracy especially for higher number of user POIs.
ANOSIP: Anonymizing the SIP Protocol
Iraklis Leontiadis (Institute Eurecom)
SIP Used often for phone conferencing, with text based call flow messages. The aim of the work is to protect the ID of user from the call portals or man in the middle attacks. Use a number of techniques to achieve this.

Online Privacy: From Users to Markets to Deployment
Dr Vijay Erramilli (Telefónica I+D Research, Spain)
Economic model of web: free service for personal data, so advertising and economy is the main driver. They want to understand monetization aspect. Check paper on arxiv. They carried out questionnaire using browser plugin to ask users about value of their actions. Highly revisited data and sites yield high gains. Conducting economics and marketing solutions to understand the ecosystem more.

Confidential Carbon Commuting
Chris Elsmore, Anil Madhavapeddy, Ian Leslie, and Amir
Understanding employee commute is important, however it is hard to collect the data. University used an app to collect user data. Personal container is used for data aggregation. It allows sensitive questions to be asked about employee habits. Check
The Impact of Trace and Adversary Models on Location Privacy Provided by K-anonymity
Volkan Cambazoglu and Christian Rohner (Uppsala University)
Used trace generation on different walk models for simulating locations. Used k-anonymity for identity protection and obfuscation for time of event hiding.

An Empirical Study on IMDb and its Communities Based on the Network of Co-Reviewers , Maryam Fatemi and Laurissa Tokarchuk
Interaction between people and content on social networks is important. There are a number of recommendation systems available but they suffer from shortcomings. A number of methods are used for comparison of movie review communities on imdb. So must take into account genres and context.

Providing Secure and Accountable Privacy to Roaming 802.11 Mobile Devices , Panagiotis Georgopoulos, Ben McCarthy, and Christopher Edwards
Mobile devices require connectivity and security. Differences in protocols and accesses point configs effect user mobility. An eduroam equivalent can work. Use CUI RFC4372. The idea is that request is anonymous access network, but relays alias to home network for authentication. Real ipv6 deployment test is done in lancaster.

When Browsing Leaves Footprints – Automatically Detect Privacy Violations
Hans Hofinger, Alexander Kiening, and Peter Schoo (Fraunhofer Research Institution for Applied and Integrated Security AISEC)
Introduced prividor, privacy violation detector via browser add-on. There are a large number of web techniques for user tracking such as cookies and scripts. A database is used for keeping track of bad sites, in addition to code checking. A centralised version is chosen for better management.


EPSRC COMNET Workshop report, February 9-10, QMUL

Report for EPSRC Workshop on Social Networks and Communications

9-10 February, Queen Mary University of London

Organisers: Hamed Haddadi, Laurissa Tokarchuk, Mirco Musolesi, Tristan Henderson

The COMNET workshop was aimed at bringing leading researchers and
academics working within the Digital Economy and Networking research
in UK together. Over the two days, over 50 people from academic and
industrial institutions attended the workshop. The workshop was very
interactive, with a very low number of engaging talks, a number of
“proposal writing” and “challenge solving sessions, and a high number
of informal introductions and project bootstrapping. The high number
of emails, messages and interactions on social networks afterwards was
indicative of the success of the workshop, a program for which can be
found on .

The keynote talk was delivered by Professor Yvonne Rogers (UCL), expert in Human-Computer Interaction (HCI). She highlighted the need for designing equipment and websites, which are also suitable for elderly, disabled or less educated members of the society. She also demonstrated a range of simple products and ideas enabling shoppers to understand the healthiness of their products. The talk was followed by an individual introduction by every participant, where research interests and industrial relevance were discussed.

The afternoon session of the first day was followed by talks from Dr Abhijit Sengupta, (Unilever) and Dr Stuart Battersby, (Chatterbox Analytics) who both discussed the new use of digital media and social media for advertising and brand marketing. They highlighted the strong need for collaboration between graph theorists, complex network researchers and NLP experts in order to understand the large volume of data. This is also in line with EPSRC Big Data research focus area.

Cecilia Mascolo (Uni. of Cambridge) delivered the Friday morning talk on different aspects of research on social networks and challenges, which are to be solved. This talk was followed immediately by the second break out group exercise, which aimed to solve some of the challenges in making social networks more secure for users and useful for different organisations, being friendship recommendation websites or crowd control scenarios.


Professor Derek McAuley (Horizon Digital Economy) concluded the workshop with an overview of the discussions, challenges and ideas presented and brought up in the workshop, discussing possible potential avenues for research into digital economy. Some of which are listed below.
Overall, the participants discussed a number of ethical, securities, scalability issues around digital economy themed projects such as green networking, human-computer interaction, Online Social Networks and personal data.

The researchers highlighted a number of strategic areas where more
cooperation and collaboration between academia, industry and
governments is required:
i) Scaling up social science and scaling down complex systems
research: Currently, there is a big gap between social networks
researchers, focusing on long term monitoring and study of a very low
number of subjects, and complex systems researchers, trying to crunch
data about millions of users without focusing on individual
interactions. This gap needs to be narrowed.
ii) Clear ethics: researchers should take more responsibility towards
collection, storage and sharing of publicly available data, especially
since aggregation fo such data can ease correlations and inferences.
We can also drive this forward via innovative systems.
iii) Formation of incentives: experiments should aim to bring out
right incentives, and to include a diverse range of participants.
iv) Think Globally: Currently, The law is always lagging behind
technology and usually Technology designed in a single country and
deployed everywhere, so researchers must take into account ethical,
cultural and moral implications.
v) Digital inclusion: There is need for more work on HCI and easier
access technology for inclusion of older generation to the Internet
As one researcher puts it, “ At some points I even felt like suggesting to the others that we should write a grant proposal about our ideas”, and another” a
very interesting and insightful workshop. I enjoyed the discussions immensely.” And some personal blog post:

We acknowledge the EPSRC COMNET program for providing funding for this
exciting workshop and hope to be able to organize further future
events regularly.