Dr. Labovitz is a recognized expert on Internet infrastructure security and cyber threats. His research lead both to the technology in Arbor's carrier security products as well as ATLAS, Arbor Network's global, real-time Internet infrastructure security monitoring system. Labovitz's analysis of Internet scale threats and traffic, including government censorship, DDoS and the evolution of Internet peering, has generated important new findings and garnered global media attention. In a recent article, Wired Magazine praised ATLAS as "likely knowing more about the Internet's ebbs and flows than anyone outside of the National Security Agency".
In the 1990s, his research demonstrated fundamental limitations in the core routing architecture of the Internet. His seminal work on Internet routing stability and convergence served as a catalyst for significant changes in commercial Internet routing software implementation and impacted routing policies employed by Internet Service Providers throughout the world. His work was recently recognized with an ACM SIGCOMM Test of Time Award in 2008.
His security and traffic engineering technology commercialized at Arbor is deployed in more than 400 Internet Service Providers, cable operators, content providers, and mission-critical networks around the globe. Today, over 70 percent of Internet backbone transit traffic is protected by products stemming from his research. Tektronix Communications, a division of Danaher, acquired Arbor in August, 2010.
In addition to his extensive commercial product and research background, Dr. Labovitz has over a decade of operational network engineering experience. He served as one of the original engineers for the NSFNet backbone and later the Internet Routing Registry and Routing Arbiter. He has also served as a consultant on diverse range of network engineering projects, including Sprint's first Internet email infrastructure, design of the Department of Defense research network, and the first commercial aviation Internet service. Labovitz also played important roles in early IPv6 engineering and the 6Bone precursor to the today's IPv6 Internet. Dr. Labovitz is an active participant in the global network engineering community, including service on the program committee and as the Chair of North American Network Operators Group (NANOG).
Dr. Labovitz's research interests include large scale distributed systems, fixed and mobile carrier infrastructure security, traffic engineering, and network architectures.
Labovitz is the author of more than a dozen peer-reviewed networking research papers, journal articles and patents. His research has been cited thousands of times in national media articles and academic publications. He is a frequent speaker at industry and academic conferences. Dr. Labovitz received his PhD and MSE from the University of Michigan and his BSE from the University of Pennsylvania.
Chief Architect, Arbor Networks (2003-2007)
Product development, engineering group management, technical leadership, design of all security detection and mitigation algorithms.
Director of Engineering, Arbor Networks (2001-2003)
Engineering / QA management. Product management, design, and development. Sales engineering and support.
Member of the Networking and Systems Research Group contributing to the first Windows IPv6 implementation (including v6 Routing) and conducting network security and routing research.
Principal Investigator, Merit Networks (1996-2000)
Principal investigator and project director of several National Science Foundation and industry (MSF, Microsoft, Intel) research projects. Directed team of faculty, graduate student and professional staff researchers.
Director of Engineering, Merit Networks (1996-2000)
Managed research and development group working on next-generation technologies, including IPv6, wireless and security. Additional responsibilities included Internet Routing Registry development and commercial service, NANOG (including serving as the conference chair), the Routing Arbiter project and several National Science Foundation and Defense Department research grants.
Backbone Engineer, Merit Networks (1992-1996)
NSFNet backbone engineering and oncall / operations / planning. Responsible for router configuration, tool development, network trouble-shooting and operations.
Cardiothoracic Imaging Research Center, Researcher
Member of research team developing image processing algorithms and visualization techniques for large-scale volumetric studies of the heart.
University of Pennsylvania
BSE Computer Science / Electrical Engineering
Minor in Mathematics
Internet Inter-Domain Traffic
Experiences With Monitoring OSPF on a Regional Service Provider Network
David Watson, Farnam Jahanian and Craig Labovitz
Proceedings of the 23rd International Conference on Distributed Computing Systems. May 19-22, 2003.
The Impact of Internet Policy and Topology on Delayed Routing
Craig Labovitz, Abha Ahuja and Roger Wattenhofer
Proceedings of IEEE INFOCOM 2001
Delayed Internet Routing Convergence
Craig Labovitz, Abha Ahuja, Abhijit Bose, and Farnam Jahanian
Proceedings of ACM SIGCOMM 2000
Version also appeared in IEEE/ACM Transactions on Networking 2001.
Origins of Internet Routing Instability
Craig Labovitz, Gerald Malan, and Farnam Jahanian
Proceedings of IEEE INFOCOM 1999
Experimental Study of Internet Stability and Wide-Area Backbone
Craig Labovitz, Abha Ahuja, and Farnam Jahanian Proc. International Symposium on Fault-Tolerant Computing 1998
Internet Routing Instability
Craig Labovitz, G. Robert Malan and Farnam Jahanian
Proceedings of ACM SIGCOMM 1997, Cannes, France.
Also version appeared in IEEE/ACM Transactions on Networking 1997
1998 Best Paper Award
2008 ACM Test of Time Award
Six Months, Six Providers and IPv6
Network Infrastructure Security Report VI
Craig Labovitz, Roland Dobbins and Carlos Morales. January, 2011.
Network Infrastructure Security Report V
Craig Labovitz, Roland Dobbins and Danny McPherson. January, 2010.
Tracking the IPv6 Migration
Scott Iekel-Johnson, Craig Labovitz, and Danny McPherson
Arbor Technical Report, August 2008.
Network Infrastructure Security Report IV
Craig Labovitz, and Danny McPherson. January, 2009.
Network Infrastructure Security Report III
Craig Labovitz, Danny McPherson and Mike Hollyman. Sept, 2007.
Light on Dark Address Space
Craig Labovitz, Abha Ahuja, Michael Bailey. December, 2001.
Network Infrastructure Security Report II
Craig Labovitz and Danny McPherson. Sept, 2006.
Network Infrastructure Security Report I
Craig Labovitz and Danny McPherson. Sept, 2005.
3G Mobile/Packet Core Security and Engineering Challenges
A look at mobile infrastructure security trends and open problems including 3G attack surface and protocol vulnerabilities. NANOG 51. Miami, Florida. February 2011.
Egypt Traffic Disruption
Presentation at NANOG security BOF on ongoing Egypt traffic disruptions. Slides also presented during main session lightening talks. NANOG 51. Miami, Florida. February 2011.
How Not to Start a Startup and Save the Internet
Xconomy Forum: 5x5. A presentation on the history of the Internet, Arbor's startup "big-idea" and the future of network security. Boston, MA. December 8, 2010.
ATT CyberSecurity Conference panel discussion. October 13 2010. Middletown, NJ
Botnets, DDoS and Ground-Truth -- A Look at 5,000 Operator
NANOG50. Atlanta, Georgia. October 3, 2010
The End of the Internet and Why Analysts Should Care
Yankee Group Quarterly Meeting. Invited talk. Boston, MA. September 29, 2010.
The Rapid Consolidation of Internet Content
IETF 77 Plenary / Keynote. Invited Talk. Anaheim, CA. March 2010.
The Future of Internet Traffic and Topology
Telefonica / Cambridge 2020 Networking Summit. Invited talk. Madrid, Spain. June 2010.
Developed IPv6 routing implementation for the Microsoft Windows / NT
platform and researched security implications.
A large scale study of the evolving commercial Internet routing and
IXP / peering infrastructure. Project developed some of the first
Internet visualization and traffic analysis tools. Research uncovered
significant unexpected properties / flaws in Internet routing and
One of the first open-source implementations of core routing protocols (BGP, OSPF, RIP, etc.) and IPv6 protocols. The project explored scalability of Internet routing and uncovered wide-spread, critical flaws in most commercial routers. Now an IETF standard, MRT protocols form the basis for most routing protocol export / storage.
Method and System for Annotating Network Flow Information
Craig Labovitz, Joseph Eggleston, and Scott Iekel-Johnson. June, 2008. (pending)
Patent describes key distributed communication protocol used by Arbor products to synchronize large volumes of traffic and security data between appliances.
Method and System for Monitoring Control Signal Traffic over a
Craig Labovitz. United States Patent 7,844,696. Issued November 30, 2010.
Patent describes Arbor technology for detecting infrastructure attacks through the analysis of router telemetry (routing and flow statistics).
System and Method for Decreasing Convergence Time in Routing
Craig Labovitz. (Microsoft, pending) June 8, 2001.
Contributor to IDR, RPSL, GROW and CIDR working groups
Co-author of MRT RFC
Contributor to FlowSpec RFC
Routing and Security Research Working Groups
Academic Program Committees:
ACM CoNEXT 2011 (conference site)
SIGCOMM, INFOCOM, IMC, FTCS, PAM
IEEE / ACM Transactions on Networking
Industry and Government Panels:
FCC Open Internet Challenge 2011 Judge (FCC Challenge Web Site)
Various NSF review panels / grant proposals
Various textbook reviews (Interconnections, Routing in the Internet, etc.)
Backbone Attack Detection and Mitigation Methodologies
Various security seminars and training for carriers and government organizations.