Alberto Dainotti

photo





Associate Professor
office: Klaus Advanced Computer Building, room 3336
email: dainotti AT gatech DOT edu


PGP key fingerprint: 039F FC8A C1AA E4EE 371A 7EC3 6948 20E3 FBB5 2865

My Google Scholar page

My CV

Full publication list in chronological order, or by topic, or by journal/conf/editorial

Updates

new [Mar 2022] "Quantifying Nations’ Exposure to Traffic Observation and Selective Tampering". DOUBLE Congrats to Alex for getting a key paper from his PhD thesis accepted at PAM 2022 and for the paper receiving the Best Dataset Award!

new [Jan 2022] This spring I will teach Internet Data Science (CS 8803)

new [Nov 2021] Our paper on two-phase scanners has been accepted at USENIX Security 2022.

new [Oct 2021] We had two papers accepted at IMC 2021.

new [Sep 2021] WIRED UK published a detailed article on Internet shutdowns with several quotes from our team and explaining IODA measurements in layman's terms.

new [Nov 2020] Amnesty International published A Web of Impunity: The killings Iran’s internet shutdown hid. I'm humbled that our IODA project contributed to this investigation highlighting the human rights costs of Internet shutdowns.

new [Oct 2020] Many congrats to Rama for leading our paper on IPv4 and IPv6 address assignment practices that was accepted at CoNEXT 2020

new [Aug 2020] We had two papers accepted at IMC 2020.

[Feb 2020] Data from our IODA project was featured in an article from the Wall Street Journal on Internet shutdowns.

[Dec 2019] We had two papers accepted at PAM 2020.

[Oct 2019] We received the IMC distinguished paper award for our study on identifying serial BGP hijackers.

[Jul 2019] Our study investigating use of DoS attacks during elections in autocracies has been published in the Journal of Conflict Resolution. Great multidisciplinary team. Some ideas developed during IMAPS Workshops. Many congrats @philutsc

[Jul 2019] Our paper on identifying Serial BGP Hijackers has been accepted at IMC 2019. Congrats especially to Cecilia@MIT for leading this work.

[Jul 2019] Check out our work on detecting anycast prefixes using only passive BGP data analysis just published on ACM SIGCOMM CCR. Congrats especially to @Ru1B1an and @haoscs, who btw is starting as Asst Prof. @ODU.

[Apr 2019] We had three papers accepted at TMA 2019!

[Dec 2018] Our paper on identifying correlated Internet connectivity failures was accepted to PAM '19.

[Dec 2018] Our Blink paper was accepted to USENIX NSDI '19.

[Aug 2018] Our ARTEMIS paper was accepted to IEEE/ACM Transactions on Networking.

[Aug 2018] Our paper on DoS attacks and BGP blackholing was accepted to IMC.

[Dec 2017] I'll serve as general co-chair for CoNEXT 2018 in Crete, GR together with Xenofontas Dimitropoulos.

[Nov 2017] Our work on inferring Carrier-Grade Deployments using passive measurements was accepted to IEEE INFOCOM 2018.

[Aug 2017] "Millions of Targets Under Attack: a Macroscopic Characterization of the DoS Ecosystem" accepted at IMC 2017

[May 2017] "SWIFT: Predictive Fast Reroute" accepted at ACM SIGCOMM 2017!!

[Jan 2017] I'll be co-chairing the ACM SIGCOMM 2017 Workshop on Big Data Analytics and Machine Learning for Data Communication Networks (Big-DAMA 2017). Consider submitting a paper!

[Dec 2016] Alistair has been awarded the 2017 IRTF Applied Networking Research Prize for our IMC paper on BGPStream!

[Jul 2016] I have been awarded a research grant from Cisco Systems for our work on BGPStream and to collaborate with them to add native support to OpenBMP.

[Jul 2016] Our paper on BGPStream will appear at IMC 2016. (pdf)

[Jul 2016] Read about the CAIDA BGP Hackathon 2016 on ACM SIGCOMM CCR.

[Feb 2016] I'm organizing the 1st CAIDA BGP Hackathon together with USC, RIPE NCC, Route Views, FORTH, UFMG.

[Nov 2015] Check out my invited talk at IETF 94 Measuring and Monitoring BGP

[Nov 2015] We just released BGPStream v1.0

[Sep 2015] Check out our latest paper at IMC 2015 on Leveraging Internet Background Radiation for Opportunistic Network Analysis

[Apr 2015] We published a follow-up analysis of the sipscan at TMA 2015: How Dangerous Is Internet Scanning? A Measurement Study of the Aftermath of an Internet-Wide Scan

[Dec 2014] North Korea got disconnected from the Internet a few times in the last days of 2014. We published a live graph of its BGP reachability status as a preview of our work on detecting and characterizing Internet outages

[Oct 2014] We published a technical report on our Internet census

[Aug 2014] Check our blog post about the recent Time Warner Cable outage

[Aug 2014] Submit your paper to the special issue on the International Journal of Network Management on ``Measure, Detect and Mitigate: Challenges and Trends in Network Security'' (Deadline 1st of December)

[Aug 2014] Our paper on discovering network tarpits in collaboration with Lance and Rob @ CMAND @ NPS was accepted at the Annual Computer Security Applications Conference (ACSAC), 2014.

[Jan 2014] New estimates of IPv4 address space usage in our paper accepted at ACM SIGCOMM CCR: ``Estimating Internet address space usage through passive measurements''

[May 2013] Check out our blog post about the scans from the Carna botnet. Cited also by WIRED (link)

[Dec 2012/Mar 2013] USENIX published the video of my invited talk at USENIX LISA '12 and also a report of it in USENIX Login magazine

[Dec 2012] Check out our blog post on observing the Syrian Internet blackout from the UCSD Network Telescope

[Sep 2012] Our research activity on Internet outages has been covered in September issue of Communications of the ACM Magazine (link)
..more press coverage also at Heise Online (if you can read Deutsch)

[Jul 2012] Our paper ``Analysis of a "/0" Stealth Scan from a Botnet'' has been accepted at IMC 2012

[Jun 2012] Our work on exploiting malware traffic pollution for detecting and analyzing Internet outages has been awarded as one of the three best papers in ACM SIGCOMM Computer Communication Review of the past 12 months. I will present it in a special session at SIGCOMM 2012

[Jun 2012] I've been awarded the IRTF Applied Networking Research Prize 2012 (link)

[Mar 2012] We've been "press-released" :) And covered by the WSJ blog, among others

[Jan 2012] Our work on exploiting malware traffic pollution for detecting and analyzing Internet outages has been published on ACM SIGCOMM Computer Communication Review, January 2012

[Jan 2012] Our paper entitled "Issues and Future Directions in Traffic Classification" has been published on IEEE Network, January 2012

[Nov 2011] Our work on the Internet "kill switch" in Libya and Egypt has been presented at IMC 2011, Berlin, November 2011


About me

I am an Associate Professor in the School of Computer Science at the College of Computing at Georgia Tech. My research is at the intersection of Internet measurement, data science and cybersecurity. I am interested in understanding when and how Internet infrastructure can fail and proposing remedies. To this end, I develop methods and build near-real-time streaming data analytics systems (IODA, BGPStream, GRIP) that combine diverse data to monitor and improve Internet infrastructure security and reliability. I am also interested in understanding political motivations and implications of Internet cybersecurity events and phenomena, which led me to start in 2014 a series of small workshops on Internet Measurement and Political Science. Before joining Georgia Tech I was an Associate Research Scientist and Principal Investigator at CAIDA, the Center for Applied Internet Data Analysis at the San Diego Supercomputer Center, University of California San Diego. I received my Ph.D. in Computer Engineering and Systems at University of Napoli "Federico II", Italy, in 2008.

Research Interests


Projects

IODA monitors the Internet 24/7 to detect and
visualize large connectivity outages in realtime.
Users include the United Nations, Amnesty
International, ISOC, as well as researchers
(CS and PoliSci), journalists (WSJ, Reuters), ...
MapKIT: "Mapping Key Internet Terrain".
Identifying structural weaknesses (e.g.,
exploitable by state actors) in the physical
and logical Internet topology of countries.
ARTEMIS: an open source tool for realtime
BGP Hijacking detection and mitigation.
Used by ISPs and IXPs worldwide.


BGPStream: open source tools and APIs
(Python, C) for realtime BGP streaming analytics.
Used by researchers and industry. Get v2 now!
GRIP (preview): The Global Routing
Intelligence Platform detects and visualizes
attacks to the Internet global routing system
in near-realtime through inference techniques
that combine diverse datasets.
STARDUST: making Network Telescope
data streams and infrastructure easily
accessible to students and researchers.

Teaching

Spring 2022: Internet Data Science (CS 8803)

Students and PostDocs

Current:
Zhiyi Chen, GATech Ph.D. student

Former:
Ramakrishna Padmanabhan, UC San Diego PostDoc → Applied Scientist at Amazon AWS Research
Alex Gamero-Garrido, UC San Diego Ph.D. student → PostDoc at Northeastern University
Shuai Hao, UC San Diego PostDoc → Asst. Prof. Old Dominion University
Jae Hyun Park, UC San Diego M.S. → Microsoft Azure Networking
Karyn Benson, UC San Diego Ph.D. → Akamai
Chiara Orsini, UC San Diego PostDoc → Amazon
Ojas Gupta, UC San Diego M.S. → VMware

Selected Publications (full list: chronological order, by topic, by journal/conf/editorial)

Profiling BGP Serial Hijackers: Capturing Persistent Misbehavior in the Global Routing Table (pdf)
C. Testart, P. Richter, A. King, A. Dainotti, D. Clark
ACM IMC 2019
Distinguished paper award at IMC 2019
Press coverage: ZDNet, IEEE Spectrum, Bruce Schneier's Blog

Blink: Fast Connectivity Recovery Entirely in the Data Plane (pdf)
T. Holterbach, E. Costa Molero, M. Apostolaki, A. Dainotti, S. Vissicchio, L. Vanbever
USENIX NSDI 2019

ARTEMIS: Neutralizing BGP Hijacking within a Minute (pdf)
P. Sermpezis, V. Kotronis, P. Gigis, X. Dimitropoulos, D. Cicalese, A. King, and A. Dainotti
IEEE/ACM Transactions on Networking
Press coverage: The Register, Cyberscoop

Millions of Targets Under Attack: a Macroscopic Characterization of the DoS Ecosystem (pdf)
M. Jonker, A. King, J. Krupp, C. Rossow, A. Sperotto, A. Dainotti
ACM IMC 2017
Press coverage: CircleID, ESET WeLiveSecurity, The Register, IBM Security Intelligence

SWIFT: Predictive Fast Reroute (pdf)
T. Holterbach, S. Vissicchio, A. Dainotti, L. Vanbever
ACM SIGCOMM 2017

BGPStream: a framework for live and historical BGP data analysis (pdf)
C. Orsini, A. King, V. Giotsas, D. Giordano, A. Dainotti
ACM SIGCOMM Internet Measurement Conference IMC 2016
IRTF Applied Networking Research Prize 2017

Analysis of a "/0" Stealth Scan from a Botnet (pdf)
A. Dainotti, A. King, K. C. Claffy, F. Papale, A. Pescapè
ACM SIGCOMM Internet Measurement Conference IMC 2012
Finalist for best paper award at IMC 2012
Press coverage: Dark Reading, Spam Fighter, The H Security

Extracting Benefit from Harm: Using Malware Pollution to Analyze the Impact of Political and Geophysical Events on the Internet (pdf)
A. Dainotti, R. Amman, E. Aben, K. C. Claffy
ACM SIGCOMM Computer Communication Review, January 2012
Best of ACM SIGCOMM CCR award 2012
Press coverage: Wall Street Journal Blog, Communications of the ACM, ACM TechNews, Tom's Guide

Analysis of Country-wide Internet Outages Caused by Censorship (pdf)
A. Dainotti, C. Squarcella, E. Aben, K. C. Claffy, M. Chiesa, M. Russo, A. Pescapè,
ACM SIGCOMM Internet Measurement Conference IMC 2011 - November 2011, Berlin (Germany)
IRTF Applied Networking Research Prize 2012
Press coverage: Communications of the ACM

Other Professional Activities

  • Editorial board member for: ACM SIGCOMM Computer Communication Review (2015-2018), IEEE/ACM Transactions on Networking (2017-2020)
  • Steering Committee member for the TMA Conference 2018, 2017
  • General chair for CoNEXT 2018
  • TPC chair for: PAM 2020, TMA 2014, Big-DAMA 2018, 2017
  • TPC member for: ACM IMC 2020, 2019, 2013, ACM CoNEXT 2017, PAM 2019 - 2014, IEEE ICC 2017 - 2014, 2007, TMA 2019 - 2012, IEEE ICNC 2013, IEEE Globecom 2012
  • Independent reviewer of projects and evaluator of project proposals for the European Commission (Horizon 2020, FP7 ICT) and the US National Science Foundation

Funding

I gratefully acknowledge funding from the National Science Foundation, the US Department of Homeland Security, Cisco Systems, Comcast, ISOC, the Open Technology Fund, and the US Department of State

NSF
EAGER:Experimental Deployment of the ARTEMIS BGP Hijacking Detection Prototype in Research and Educational Networks, 2018-2019
HIJACKS: Detecting and Characterizing Internet Traffic Interception based on BGP Hijacking, 2014-2019
Sustainable Tools for Analysis and Research on Darknet Unsolicited Traffic (STARDUST), 2017-2020
Investigating the Susceptibility of the Internet Topology to Country-level Connectivity Disruption and Manipulation, 2017-2021
Integrated Platform for Applied Network Data Analysis (PANDA), 2017-2020
Detection and analysis of large-scale Internet infrastructure outages (IODA), 2012-2016

DHS
IODA-NP: Multi- source Realtime Detection of Macroscopic Internet Connectivity Disruption, 2018-2019
Advancing Scientific Study of Internet Security and Topological Stability (ASSISTS), 2018-2020
Mapping DNS DDoS Vulnerabilities to Improve Protection and Prevention (MADDVIPR), 2018-2022

Open Tech Fund
An Observatory for Realtime Monitoring and Analysis of Internet Blackouts Caused by Censorship, 2019-2020
An Observatory for Realtime Monitoring and Analysis of Internet Blackouts Caused by Censorship, 2018-2019

Internet Society (ISOC)
IODA: Internet Outage Detection and Analysis, 2020

Cisco Systems
Native support for the BGP Monitoring Protocol in BGPStream, 2016-2017

Comcast
ARTEMIS: Neutralizing BGP Hijacking within a Minute, 2018-2019
Monitoring and Visualizing Internet Outages, 2013

Last Modified