Naming and Internet Protocol Experimentation Testbed (NIPET)

Naming and Internet Protocol Experimentation Testbed (NIPET)

DNS operations are a critical part of Internet infrastructure, yet they are largely closed to researchers today, with no formal path to fielding new technology or even observing current status. These challenges are particularly accurate for root nameservers and important top-level domains.

As a result, evolution is slow and operational information is very limited. Innovation is limited to a very few organizations, and often superseded by commercial interests or operational limitations.

We are working to investigate new approaches to DNS operations, to investigate how DNS operations can safely interact with researchers, and developing approaches for privacy-preserving data analysis and controlled testing. Requirements of this research are protecting the privacy of DNS users and the integrity of operational systems, while allowing meaningful research.

Proposed Testbed Architecture

(Click for details)

Support and Collaborations

This work is partially supported by NSF (CI-P: Planning for Identity and Naming Experimentation Shared Testbed, NSF award 1513213, 2015-2016).

NIPET has received prior support through the USC/ISI New Research Initiatives Council (link is ISI internal) and USC/ITS, June 2012-2013.

This research is done in cooperation with USC/ITS and the B Root DNS server (operated by USC).

Faculty, Researchers and Students

Current

  • Wes Hardaker, researcher (USC/ISI)
  • John Heidemann, PI on this project, project leader and professor (USC/ISI)
  • Yuri Pradkin, researcher (USC/ISI)

Alumni

  • Gregory Finn, researcher (USC/ISI)
  • Abdul Qadeer, PhD student (USC CS Dept. and ISI)
  • Liang Zhu, USC CS PhD graduate (2018) (USC CS Dept. and ISI)

Software

See the see the ANT distribution web page.

See the see the ANT distribution web page.

We are developing DNS anonymization software.

Datasets

  • Dataset development in progress.

ANT: the Analysis of Network Traffic research group

We Want To Hear From You!

You have the opportunity to influence the design of this testbed, as our goal is to build a facility and network that you can make the best use of in your research. The architecture above is in its early stages of design, and we want your feedback about:

  • What requirements would you like our infrastructure to meet?
  • What research projects would this architecture let you study?
  • What changes would you like to suggest to the architecture?
  • What tools would you like to make sure we offer?
  • How would you like to collaborate with us?

Publications

  • Giovane C. M. Moura, John Heidemann, Ricardo de O. Schmidt and Wes Hardaker 2019. Cache Me If You Can: Effects of DNS Time-to-Live. Proceedings of the ACM Internet Measurement Conference (Amsterdam, the Netherlands, Oct. 2019), to appear. [DOI] [PDF] Details
  • Kensuke Fukuda and John Heidemann 2018. Who Knocks at the IPv6 Door? Detecting IPv6 Scanning. Proceedings of the ACM Internet Measurement Conference (2018, Oct. 2018). [DOI] [PDF] Details
  • Giovane C. M. Moura, John Heidemann, Moritz Müller, Ricardo de O. Schmidt and Marco Davids 2018. When the Dike Breaks: Dissecting DNS Defenses During DDoS. Proceedings of the ACM Internet Measurement Conference (Oct. 2018). [DOI] [PDF] Details
  • Liang Zhu and John Heidemann 2018. LDplayer: DNS Experimentation at Scale. Proceedings of the ACM Internet Measurement Conference (Boston, Massachusetts, USA, Oct. 2018), to appear. [DOI] [PDF] [Code] Details
  • Giovane C. M. Moura, John Heidemann, Ricardo de O. Schmidt and Wes Hardaker 2019. Cache Me If You Can: Effects of DNS Time-to-Live (extended). Technical Report ISI-TR-734b. USC/Information Sciences Institute. [PDF] Details
  • Giovane C. M. Moura, John Heidemann, Moritz Müller, Ricardo de O. Schmidt and Marco Davids 2018. When the Dike Breaks: Dissecting DNS Defenses During DDoS (extended). Technical Report ISI-TR-725b. USC/Information Sciences Institute. [PDF] Details
  • Wes Hardaker 2018. Analyzing and Mitigating Privacy with the DNS Root Service. Proceedings of the ISOC NDSS Workshop on DNS Privacy (San Diego, California, USA, Feb. 2018). [PDF] Details
  • Basileal Imana, Aleksandra Korolova and John Heidemann 2018. Enumerating Privacy Leaks in DNS Data Collected Above the Recursive. Proceedings of the ISOC NDSS Workshop on DNS Privacy (San Diego, California, USA, Feb. 2018). [PDF] [Dataset] Details
  • Lan Wei and John Heidemann 2018. Does Anycast Hang up on You (UDP and TCP)? IEEE Transactions on Network and Service Management. 15, 2 (Feb. 2018), 707–717. [PDF] Details
  • Liang Zhu and John Heidemann 2017. LDplayer: DNS Experimentation at Scale. Technical Report 722. USC/Information Sciences Institute. [PDF] [Code] Details
  • Wouter B. de Vries, Ricardo de O. Schmidt, Wes Hardaker, John Heidemann, Pieter-Tjerk de Boer and Aiko Pras 2017. Verfploeter: Broad and Load-Aware Anycast Mapping. Proceedings of the ACM Internet Measurement Conference (London, UK, 2017), 477–488. [DOI] [PDF] [Dataset] Details
  • Moritz Müller, Giovane C. M. Moura, Ricardo de O. Schmidt and John Heidemann 2017. Recursives in the Wild: Engineering Authoritative DNS Servers. Proceedings of the ACM Internet Measurement Conference (London, UK, 2017), 489–495. [DOI] [PDF] [Dataset] Details
  • Lan Wei and John Heidemann 2017. Does Anycast Hang up on You? IEEE. [DOI] [PDF] Details
  • Wouter B. de Vries, Ricardo de O. Schmidt, Wes Hardaker, John Heidemann, Pieter-Tjerk de Boer and Aiko Pras 2017. Verfploeter: Broad and Load-Aware Anycast Mapping. Technical Report ISI-TR-719. USC/Information Sciences Institute. [PDF] [Dataset] Details
  • Ricardo de O. Schmidt, John Heidemann and Jan Harm Kuipers 2017. Anycast Latency: How Many Sites Are Enough? Proceedings of the Passive and Active Measurement Workshop (Sydney, Australia, Mar. 2017), to appear. [PDF] Details
  • Liang Zhu and John Heidemann 2017. Infrastructure for Experimental Replay and Mutation of DNS Queries. Talk at CAIDA Active Internet Measurement Workshop (AIMS). [PDF] Details
  • John Heidemann 2017. DNS Privacy, Service Management, and Research: Friends or Foes. Talk at ISOC NDSS Workshop on DNS Privacy . [PDF] Details
  • Lan Wei and John Heidemann 2017. Does Anycast Hang up on You? (extended). Technical Report ISI-TR-716. USC/Information Sciences Institute. [PDF] Details
  • John Heidemann 2016. Distributed Denial-of-Service: What Datasets Can Help? Invited talk at ACM Annual Computer Security Applications Conference. [PDF] Details
  • Giovane C. M. Moura, Ricardo de O. Schmidt, John Heidemann, Wouter B. de Vries, Moritz Müller, Lan Wei and Christian Hesselman 2016. Anycast vs. DDoS: Evaluating the November 2015 Root DNS Event. Proceedings of the ACM Internet Measurement Conference (Nov. 2016). [DOI] [PDF] Details
  • John Heidemann, Ricardo de O. Schmidt and Jan Harm Kuipers 2016. Anycast Latency: How Many Sites are Enough? Presentation at DNS-OARC Meeting. [PDF] Details
  • John Heidemann, Giovane C. M. Moura, Ricardo de O. Schmidt, and Wouter B. de Vries, Moritz Muller, Lan Wei and Christian Hesselman 2016. Anycast vs. DDoS: Evaluating Nov. 30. Presentation at DNS-OARC Meeting. [PDF] Details
  • Giovane C. M. Moura, Ricardo de O. Schmidt, John Heidemann, Wouter B. de Vries, Moritz Müller, Lan Wei and Christian Hesselman 2016. Anycast vs. DDoS: Evaluating the November 2015 Root DNS Event (extended). Technical Report ISI-TR-2016-709b. USC/Information Sciences Institute. [PDF] Details
  • Ricardo de O. Schmidt, John Heidemann and Jan Harm Kuipers 2016. Anycast Latency: How Many Sites Are Enough? Technical Report ISI-TR-2016-708. USC/Information Sciences Institute. [PDF] Details
  • John Heidemann 2016. New Opportunities for Research and Experiments in Internet Naming And Identification. Talk at CAIDA Active Internet Measurement Workshop (AIMS). [PDF] Details
  • John Heidemann 2012. Broadening DNS Research: beyond just DNS anonymization (work in progress). Talk at ISC/CAIDA Data Collaboration Workshop. [PDF] Details
  • Xun Fan, John Heidemann and Ramesh Govindan 2012. Characterizing Anycast in the Domain Name System. Technical Report ISI-TR-2011-681. USC/Information Sciences Institute. [PDF] Details

For related publications, please see the ANT publications web page.