Publisher DOI: 10.1145/3718958.3754347
Title: Lessons learned from operating a large network telescope
Language: English
Authors: Männel, Alexander 
Mücke, Jonas 
Claffy, K. C. 
Gao, Max 
Mok, Ricky K. P. 
Nawrocki, Marcin 
Schmidt, Thomas C.  
Wählisch, Matthias 
Keywords: Internet Telescope; Internet Measurement; Infrastructure Operation; IPv4; Darknet; Network telescope; Passive measurements; Operational experience; Research infrastructure; UCSD-NT
Issue Date: 2025
Publisher: Association for Computing Machinery
Book title: Proceedings of the ACM SIGCOMM 2025 Conference
Part of Series: ACM Conferences 
Startpage: 826
Endpage: 841
Conference: ACM SIGCOMM Conference 2025 
Abstract: 
Network telescopes (aka darknets) collect unsolicited Internet traffic (aka Internet background radiation or IBR), which includes benign and malicious scanning as well as artifacts of spoofed denial-of-service attacks and misconfigured software and hosts. Analysis of this traffic has revealed macroscopic insights into security-related events and global network dynamics such as outages. Operating a large-scale network telescope is challenging but often taken for granted, more so than in more mature scientific disciplines. We offer the first study documenting our experiences operating the UCSD Network Telescope, the largest and longest-operating network telescope supporting scientific research. We provide background on the history of the telescope, and focus on increasing operational challenges as the underlying network evolves. We develop and apply techniques to leverage third-party scanning activity to validate the integrity of the data, and to discover misconfigurations in the instrumentation. These insights are crucial for understanding measurement results, which we illustrate using concrete examples. We discuss how our findings generalize to support the expanding ecosystem of other passive techniques, such as honeypots, to track security phenomena.
URI: https://hdl.handle.net/20.500.12738/19516
ISBN: 979-8-4007-1524-2
Review status: This version was peer reviewed (peer review)
Institute: Fakultät Technik und Informatik (ehemalig, aufgelöst 10.2025) 
Department Informatik (ehemalig, aufgelöst 10.2025) 
Type: Chapter/Article (Proceedings)
Appears in Collections:Publications without full text

Show full item record

Google ScholarTM

Check

HAW Katalog

Check

Add Files to Item

Note about this record


This item is licensed under a Creative Commons License Creative Commons