Detecting Internet Outages with Active Probing
نویسندگان
چکیده
With businesses, governments, and individuals increasingly dependent on the Internet, understanding its reliability is more important than ever. Network outages vary in scope and cause, from the intentional shutdown of the Egyptian Internet in February 2011, to outages caused by the effects of March 2011 earthquakes on undersea cables entering Japan, to the thousands of small, daily outages caused by localized accidents or human error. In this paper we present a new method to detect network outages by probing entire blocks. Using 24 datasets, each a 2-week study of 22,000 /24 address blocks randomly sampled from the Internet, we develop new algorithms to identify and visualize outages and to cluster those outages into network-level events. We validate our approach by comparing our data-plane results against controlplane observations from BGP routing and news reports, examining both major and randomly selected events. We confirm our results are stable from two different locations and over more than one and half years of observations. We show that our approach of probing all addresses in a /24 block is significantly more accurate than prior approaches that use a single representative for all routed blocks, cutting the number of mistake outage observations from 44% to under 1%. We use our approach to study several large outages such as those mentioned above. We also develop a general estimate for how much of the Internet is regularly down, finding about 0.3% of the Internet is likely to be unreachable at any time. By providing a baseline estimate of Internet outages, our work lays the groundwork to evaluate ISP reliability.
منابع مشابه
Detecting Internet Outages with Precise Active Probing
Parts of the Internet are down every day, from the intentional shutdown of the Egyptian Internet in Jan. 2011 and natural disasters such as the Mar. 2011 Japanese earthquake, to the thousands of small outages caused by localized accidents, and human error, maintenance, or choices. Understanding these events requires efficient and accurate detection methods, motivating our new system to detect n...
متن کاملWrinkles in Time: Detecting Internet-wide Events via NTP
Understanding the nature and characteristics of Internet events such as route changes and outages can serve as the starting point for improvements in network configurations, management and monitoring practices. However, the scale, diversity, and dynamics of network infrastructure makes event detection and analysis challenging. In this paper, we describe a new approach to Internet event measurem...
متن کاملTTP: Medium: Detection and analysis of large-scale Internet infrastructure outages
Our dependence on the Internet has rapidly grown much stronger than our comprehension of its underlying structure, global dynamics, operational threats, and overall network health. Widescale Internet service disruptions – even politically-motivated interference with Internet access in order to hinder anti-government organization – are not new. But the scale, duration, coverage, and violent cont...
متن کاملCyberProbe: Towards Internet-Scale Active Detection of Malicious Servers
Cybercriminals use different types of geographically distributed servers to run their operations such as C&C servers for managing their malware, exploit servers to distribute the malware, payment servers for monetization, and redirectors for anonymity. Identifying the server infrastructure used by a cybercrime operation is fundamental for defenders, as it enables take-downs that can disrupt the...
متن کامل