DIST: Dartmouth Internet Security Testbed (2009-2014)

DIST logo

This project is no longer active; this page is no longer updated; its last update was April 9, 2009.

Related projects: [CRAWDAD], [MAP], [NetSANI], [Wi-Fi-measurement]

Related keywords: [privacy], [security], [wifi]


We developed the Dartmouth Internet Security Testbed (DIST), a large-scale deployment designed to support research on wireless-network security challenges. The Institute for Security Technology Studies (ISTS), in collaboration with Dartmouth's central Information Technology division, deployed this integrated testbed comprising a wireless-network measurement infrastructure and a suite of Wi-Fi capable mobile devices. This project built on the technology of the MAP project, and supported the work done in the NetSANI project.

All DIST hardware has been removed from campus.

The following was written before/during the project.

DIST concerns itself with studying campus network usage patterns and with developing systems for automatically detecting malicious attempts to disrupt or degrade the network. To support these activities, DIST has been installing wireless monitors at various locations around the campus.

The DIST wireless monitors look a lot like the Kiewit access points that are deployed around the campus to support wireless Internet access at Dartmouth. In fact, both the Kiewit access points and the DIST wireless monitors are Aruba AP70s, and they differ only in the way they are deployed.

One of the differences is physical: the Kiewit access points have no external antennas (they transmit and receive through antennas embedded in their antenna flaps), while the DIST wireless monitors are deployed with twin blade antennas mounted at their sides. A few of the DIST wireless monitors are mounted with their flaps closed. Another difference, albeit an invisible one, lies in the software that is deployed on these devices. The Kiewit access points run proprietary Aruba software for managing communication on a wireless network; if you have a laptop computer or other wireless device and are within range of a Kiewit access point, you can associate with it and use it to access the Internet. By contrast, the DIST wireless monitors run our own research software, which monitors wireless network traffic with the goal of detecting anomalies that suggest malicious activity. The DIST wireless monitors play no direct role in supporting Internet communication, and your laptop cannot associate with them.

A Kiewit access point

An open-flap DIST wireless monitor

A closed-flap DIST wireless monitor

Each DIST wireless monitor is deployed with a label that reads DIST-XXX, where XXX is a three-digit number. These labels help the DIST project to identify individual DIST wireless monitors in case any problems or questions arise in connection with them.

See also the DIST privacy statement and the DIST Frequently Asked Questions.


Chrisil Arackaparambil, Sergey Bratus, David Kotz, Mike Locasto, Anna Shubina, Keren Tan, Punch Taylor, and Bennet Vance (Computer Science); Frank Archambeault, Paul Schmidt (Computing Services); Guanling Chen and Bo Yan (UMass Lowell); and Chris McDonald (Univ. Western Australia).


DIST was a research program in the Institute for Security Technology Studies at Dartmouth College, supported by the U.S. Department of Homeland Security under Grant Award Number 2006-CS-001-000001. The views and conclusions resulting from DIST research are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security.

Sun Microsystems was a contributor to the DIST project.

The views and conclusions contained on this site and in its documents are those of the authors and should not be interpreted as necessarily representing the official position or policies, either expressed or implied, of the sponsor(s). Any mention of specific companies or products does not imply any endorsement by the authors or by the sponsor(s).

Papers tagged 'dist'

[Also available in BibTeX]

Papers are listed in reverse-chronological order. Follow updates with RSS.


[Kotz research]