As part of a broader organisational restructure, data networking research at Swinburne University of Technology has moved from the Centre for Advanced Internet Architecture (CAIA) to the Internet For Things (I4T) Research Lab.

Although CAIA no longer exists, this website reflects CAIA's activities and outputs between March 2002 and February 2017, and is being maintained as a service to the broader data networking research community.

L3DGEWorld 2.0

Overview

L3DGEWorld 2.0 is a network monitoring and control application based on Open Arena, a GPL'd game that makes use of the Quake III Arena (Q3A) game engine. L3DGEWorld allows monitoring and control of a live network to take place from within a virtual world created by the game engine.

L3DGEWorld is the product of a research project aimed at simplifying two key network management tasks[1]:

• The identification of anomalous traffic patterns within IP networks, and
• The control of network elements (such as routers and firewalls) to block anomalous traffic.

L3DGEWorld currently creates a virtual world in which spinning objects represent the rate at which IP packets are heading towards particular, monitored IP addresses on your network. By using in-game techniques (in version 2.0 this involves 'shooting a gun at the spinning object') a network operator can initiate an ACL update to block undesired traffic. Our current implementation allows multiple participants to view and interact with the spinning network entities, and can require multiple participants to concurrently trigger ACL updates.

L3DGEWorld should run on any platform to which Open Arena has been ported, and the provided source code should make it easy to compile both the server and clients for unsupported platforms.

Included in this release is an updated version of greymatter, a FreeBSD-based application that monitors 'greynet' network traffic [2] and feeds real time information to L3DGEWorld. This new version now generate statistics on a per-port level, allowing users to get an even better idea of what types of traffic is coming into their greynet. L3DGEWorld itself does not specifically require greymatter, and may be fed real time traffic information from other external sources. [3]

What's New?

New features in this version of L3DGEWorld include:

• Clients are assigned differnet amounts of "admin weight", so a higher level administrator may be able to place ACLs unaided, or multiple lower level adminstrators can cooperate to place that same ACL.
• The amount of "admin weight" required to place ACLs for each Greynet Host is configurable.
• greymatter has been greatly improved, and now generates per-port information about greynet hosts and a more accurate aggregate "packet per second" rate.
• "Packet per second" rate is now reported as a floating point number.
• Administrators are able to get detailed greynet host information by touching or shooting (configurable) the host.
• L3DGEWorld Universal binaries for Mac OS X 10.4 are now available.

Screenshots

The network overview.	Another Administrator marking a greynet host to have an ACL Placed.
Getting detailed information about the traffic to a particular greynet host. The traffic shown came from nmap and scp.	An animation showing the greynet hosts rotating at various speeds.

System Requirements

L3DGEWorld and it's demonstration scripts have been verified to run on FreeBSD 6.2, Mac OS X 10.4.9, Linux (Ubuntu 7.04) and Windows XP Platforms (with the addition of cygwin). At this stage greymatter has only been verified to run on FreeBSD.

Client Requirements:

• L3DGEWorld 2.0 distribution
• libSDL and libOpenAL are required on Linux and FreeBSD

Server Requirements:

• L3DGEWorld 2.0 distribution
• expect (http://expect.nist.gov/)
• BASH (Bourne Again SHell)

Documentation

Please see the files included in the tarball (available below) for further documentation.

Licensing

L3DGEWorld is copyright (C) 2007, the Centre for Advanced Internet Architectures, Swinburne University of Technology

L3DGEWorld is distributed under version 2 of the GNU General Public Licence.

Future Work

Planned features for future versions of L3DGEWorld include:

• Maps may be made up of multiple rooms, with a certain number of points required to enter certain rooms (preventing lower level adminstrators from viewing areas of the network).
• Other input and output daemons will be developed allowing the monitoring and controlling of a larger range of devices.

Authors and Acknowledgments

• Support for the development of L3DGEWorld is provided in part by a grant from the Cisco University Research Program Fund at Community Foundation Silicon Valley. The URP project, titled "Anomalous traffic detection and collaborative network configuration using 3D multiplayer game engines", is led by Associate Professor Grenville Armitage (CAIA) and supported by Fred Baker (Cisco). This project has been made possible in part by a grant from the at Community Foundation Silicon Valley.
• L3DGEWorld 2.0 has been developed by Lucas Parry
• The Greymatter input daemon was developed by Warren Harrop and Lucas Parry.
• We have recieved a lot of valuable feedback and testing by Grenville Armitage.
• Thanks to Alex Shoolman, who's work on LTMON led into the start of L3DGEWorld.
• Thanks to the OpenArena team, who's game made it possible for us to freely distribute L3DGEWorld as a whole product.

References

1. W. Harrop, G. Armitage, "Real-Time Collaborative Network Monitoring and Control Using 3D Game Engines for Representation and Interaction," in VizSEC'06 Workshop on Visualization for Computer Security, Virginia, USA, October-November 2006.
2. W. Harrop, G. Armitage "Defining and Evaluating Greynets (Sparse Darknets)", IEEE 30th Conference on Local Computer Networks (LCN 2005) Sydney, Australia, 15-17 November, 2005.
3. W. Harrop, L. Parry "L3DGEWorld 1.0 Input/Output Layer Specifications", CAIA Tech Report, April 2007.

Download

• L3DGEWorld 2.0 for Windows, FreeBSD and Linux Download (39MB)
• L3DGEWorld 2.0 for Mac OS X Download (45MB)
• MD5SUMS Download

Go back to the L3DGE project main page