Internet Background Noise
   HOME

TheInfoList



Click Here for Items Related To - Internet Background Noise
OR:
Internet Background Noise on:   [Wikipedia]   [Google]   [Amazon]

Internet background noise (IBN, also known as Internet background radiation, by analogy with natural background radiation) consists of data packets on the
Internet The Internet (or internet) is the Global network, global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a internetworking, network of networks ...
addressed to
IP address An Internet Protocol address (IP address) is a numerical label such as that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface i ...
es or
port A port is a maritime facility comprising one or more wharves or loading areas, where ships load and discharge cargo and passengers. Although usually situated on a sea coast or estuary, ports can also be found far inland, such as Hamburg, Manch ...
s where there is no network device set up to receive them. Network telescopes observe the Internet background radiation. These packets often contain unsolicited commercial or network control messages, backscatters, port scans, and
worm Worms are many different distantly related bilateria, bilateral animals that typically have a long cylindrical tube-like body, no limb (anatomy), limbs, and usually no eyes. Worms vary in size from microscopic to over in length for marine ...
activities. Smaller devices such as
DSL modem A digital subscriber line (DSL) modem is a device used to connect a computer or Router (computing), router to a telephone line which provides the digital subscriber line (DSL) service for connection to the Internet, which is often called ''DSL ...
s may have a hard-coded
IP address An Internet Protocol address (IP address) is a numerical label such as that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface i ...
to look up the correct time using the
Network Time Protocol The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-Network latency, latency data networks. In operation since before 1985, NTP is one of the oldest Intern ...
. If, for some reason, the hard-coded NTP server is no longer available, faulty software might retry failed requests up to every second, which, if many devices are affected, generates a significant amount of unnecessary request traffic.


History

In the first 10 years of the Internet, there was very little background noise, but with its commercialization in the 1990s, the noise factor became a permanent feature. It was estimated in the early 2000s that the average
dial-up modem The Democratic Movement (, ; MoDem ) is a centre to centre-right political party in France, whose main ideological trends are liberalism and Christian democracy, and that is characterised by a strong pro-Europeanist stance. MoDem was establis ...
user lost around 20 bits per second of their
bandwidth Bandwidth commonly refers to: * Bandwidth (signal processing) or ''analog bandwidth'', ''frequency bandwidth'', or ''radio bandwidth'', a measure of the width of a frequency range * Bandwidth (computing), the rate of data transfer, bit rate or thr ...
to unsolicited traffic. During that decade, the amount of background noise for an IPv4 /8 address block (which contains 16.7 million address) increased from 1 to 50 
Mbit/s In telecommunications, data transfer rate is the average number of bits (bitrate), characters or symbols (baudrate), or data blocks per unit time passing through a communication link in a data-transmission system. Common data rate units are multi ...
(1 KB/s to 6.25
MB/s In telecommunications, data transfer rate is the average number of bits ( bitrate), characters or symbols ( baudrate), or data blocks per unit time passing through a communication link in a data-transmission system. Common data rate units are mu ...
). By November 2010, it was estimated that 5.5 gigabits (687.5 megabytes) of background noise were being generated every second. The newer
IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communication protocol, communications protocol that provides an identification and location system for computers on networks and routes traffic ...
protocol, which has a much larger address space, made it more difficult for viruses to scan ports and also limited the impact of misconfigured equipment. The
Conficker Conficker, also known as Downup, Downadup and Kido, is a computer worm targeting the Microsoft Windows operating system that was first detected in November 2008. It uses flaws in Windows OS software (MS08-067 / CVE-2008-4250) and dictionary atta ...
worm was responsible in 2010 for a large amount of background noise generated by viruses looking for new victims. In addition to malicious activities, misconfigured hardware and leaks from private networks are also sources of background noise. Internet background noise has been used to detect significant changes in Internet traffic and connectivity during the 2011 political unrest from IP address blocks that were geolocated to Libya.


Types

Backscatter In physics, backscatter (or backscattering) is the reflection of waves, particles, or signals back to the direction from which they came. It is usually a diffuse reflection due to scattering, as opposed to specular reflection as from a mirror, ...
is a term coined by
Vern Paxson Vern Edward Paxson is a professor of computer science at the University of California, Berkeley. He also leads the Networking and Security Group at the International Computer Science Institute in Berkeley, California. His interests range from tr ...
to describe Internet background noise resulting from a
DDoS In computing, a denial-of-service attack (DoS attack) is a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host co ...
attack using multiple spoofed addresses.Moore et al
Inferring Internet Denial-of-Service Activity
{{Webarchive, url=https://web.archive.org/web/20120205051509/http://www.caida.org/publications/papers/2001/BackScatter/usenixsecurity01.pdf , date=2012-02-05 , 2001 This noise is used by
network telescope A network telescope (also known as a packet telescope, darknet, Internet motion sensor or black hole) is an Internet system that allows one to observe different large-scale events taking place on the Internet. The basic idea is to observe traffic t ...
s to indirectly observe large scale attacks in real time.


References

Noise (electronics)