Researchers at UC San Diego have come up with a novel idea how to detect and analyze outages on the global Internet that may be caused by censorship or natural disasters.
They believe that garbage traffic generated by malware and malicious scanning activities, commonly described as Internet background radiation (IBR), could be a valuable tool and early warning indicator when parts of the Internet are not reachable.
As part of their research, the approach not only provides insight of plain outages, but also the causes and possible geopolitical strategies. For example, the researchers at UCSD found that Gaddafi government of Libya may have tested a firewall "to conduct higher precision host-based blocking while they were executing the coarser approach of router-based disconnection." The measurements were possible via UCSD's network telescope, which operates similar to what one would consider a garbage collector of network traffic on the Internet.
So far, the technology is not advanced enough to come up with an early warning system for natural disasters, the researchers said, but they have been experimenting with metrics that may lead them to that goal. For example, they focused on a significant shift of the number of IP addresses that reach the monitoring receiver. Their initial IBR traffic research showed that Japan's devastating Tohoku earthquake "had much higher impact on network infrastructure than the Christchurch earthquake [in New Zealand]." The observation allowed them to determine the geographic extent of the disasters, likely damage, and approximate restoration times.
If this system is designed to detect internet outages, how could it predict future natural disasters? It's cause and effect, and you can't read the effect before it's been caused.
If this system is designed to detect internet outages, how could it predict future natural disasters? It's cause and effect, and you can't read the effect before it's been caused.
"No botnets reporting in from New Zealand, there must be something wrong." This seems like a bad way of determining there was an event and really tells me we have too big of a malware issue. Using malware essentially as the heartbeat of the Internet sends the wrong message about malware and basing a warning system on things people do not want and actively work to remove seems likea not so smart idea..... It's like determining the human population in an area based on the number of cockroaches.
Easier said than done. Why not turn the lemons into lemonades?
Cut lemons, squeeze juice, add water and sugar to taste.
Done.
Now how about cleaning the internet from junk?
I believe you missed the point entirely. You can't get rid of all internet radiation. It's like trying to kill all the mice/cockroaches/disease in the world. Even if we know they are there it's another issue entirely to remove it.
As long as it is here we might as well use it for a censorship indicator. I don't see any good coming out of it as a disaster indicator though, because by the time internet goes down in an area you already should have news that something happened, in other words the data is rendered useless.
My thoughts exactly. If it's only detected once it's taken place, then it's already too late to give an "early" warning.
Worse, even if you detect the disaster how are you doing to notify them?
"Their internet is out! Quick! Send them an email!"
Early warning system means detecting the disaster as it happens rather than after or before it happens. The problem with this is that the disasters might not immediately disrupt internet traffic so it only detects the loss of internet traffic if the disaster or what have you after it has already done enough damage to disrupt internet traffic.
This is a useful way to look out for the changing internet policies set but governments such as more or less immediate notice of firewalls being set up, but it's usefulness as a disaster detection technology may be rather limited because most other detection technologies may have already noticed the disasters by the time the internet traffic is disrupted.
This may be able to detect some disasters before other detection systems so it's not useless as disaster detection. For example, an earthquake may go unnoticed for hours outside of where it hits, but the internet traffic could be down well before the seismic detectors notice the earthquake so it could tell us what happened hours before other detection tech knows about it.
This may help us get relief efforts set up a little faster. Theoretically, it could help get people saved from stuff like collapsed buildings faster and thus increase the chances of survival for the victims.
Also, knowing about another country shutting some traffic out and/or in could be an indicator of international aggression so the issues may be able to be resolved faster peacefully, or we may at least know that something worse is about to happen before there is an attack.
it's a pity there was never a button put in browsers to click on to report the site as spam that went to a collection report for network admins so they could ban the IP and the admin at the IP site could report that the problem was removed. an auto ban would be even nicer as people could just hit report site as spam and after so many reports generated the IP went on an internet wide reported banned IP. if any one could follow that.
patent it, free idea, i don't want to do the work.
Personally, I would rather see all the malware makers and scipt kiddies creating this internet junk be in the earthquake.