BGP enables interdomain routing, but it can also serve as an indicator of Internet health. Just as blood pressure and pulse rate are indicators of biological distress, metrics derived from BGP observation can be used as Internet "vital signs." Since BGP traffic is erratic and prone to localized bursts of activity, BGP from multiple sources (geographically and topologically dispersed) is required to make intelligent inferences. We have developed metrics for measuring routing stability, flapping, reachability, and backbone churn. The global instability index (GII), for instance, is a single indicator fused from multiple sources that strongly indicates global Internet distress while damping localized instability. We will present measurements made during the Slammer worm and during the instability in the wake of the July 2003 IOS patch frenzy.

About the Presenter
Dennis McGrath is a senior research engineer at the Institute for Security Technology Studies (ISTS) and the Thayer School of Engineering at Dartmouth College. His research interests include interdomain routing measurement, Internet health data correlation, and real-time simulation of cyber attacks. He earned his B.S. and M.A. degrees from Rutgers University.