Longitudinal study of large-scale traceroute results
Rohrer, Justin P.
MetadataShow full item record
Traceroute is a popular active probing technique used by researchers, operators, and adversaries to map the structure and connectivity of IP networks. However, traceroute is susceptible to making inaccurate inferences. We perform a large-scale longitudinal investigation of traceroute artifacts to find anomalies that may be indicative of network errors, misconfiguration, or active deception efforts. Using the IPv4 Routed /24 Topology Dataset from the Center for Applied Internet Data Analysis (CAIDA), we provide a taxonomy of traceroute results, including anomalous and unexpected artifacts. We analyze the distribution of the observed artifacts and attempt to find attribution to the cause of each. Finally, we provide a longitudinal analysis of multi-protocol label switching in order to explore possible explanations for unexplained artifacts.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
Ivanov, L.M.; Collins, C.A.; Margolina, T.M. (2012-08);Recent analyses of observations and ocean model outputs have revealed coherent low-frequency quasizonal jets in observed sea surface height (SSH) anomaly and model velocity fields. The jets were latent, that is, they ...
Phua, Weiyou Nicholas (Monterey, California: Naval Postgraduate School, 2015-09);For all purposes and intents, being able to infer the topology of a network is crucial to both operators and adversaries alike. Tracer-oute is a common active probing technique but it may be subverted by deceptive responses. ...
Trassare, Samuel T. (Monterey, California: Naval Postgraduate School, 2013-03);Adversaries scan Department of Defense networks looking for vulnerabilities that allow surveillance or the embedding of destructive malware weapons. In cyberspace, adversaries either actively probe or passively observe ...