Internet Measurement Initiatives in the Wisconsin Advanced Internet Lab

Talk Objectives

Motivation for New Tools

An Internet Instance Lab

Key Challenges

The Wisconsin Advanced Internet Lab

External Environment

Project 1:  Detecting Anomalies in IP Flows

Our Data Sets

Multiresolution Analysis

Ambient IP Flow Traffic

Flow Traffic During DoS Attacks

Deviation Score for Three Anomalies

Project 2:  Coordinated Intrusion Detection

DOMINO:  A new approach to DNIDS

Marginal Utility of Adding Nodes

SQL-Sapphire Analysis

Project 3:  Understanding Packet Loss

Active versus Passive Loss Measures

Result:  Active <> Passive

Summary