Internet Traffic Analysis: This has long been a major topic at NANOG. I have heard several interesting discussions concerning tracking where spikes in the infrastructure are coming from, and their destinations. Here and Here. I am more curious about a seismic like data concerning massed DDoS attacks. Symantec has a product called deepsight similar to what I am thinking about, not sure whether there are other vendors with similar products.
I am interested in seeing a database that has remote probes scattered across the internet colo'd at prime target destination subnets collecting and analyzing inbound traffic. The model looks like a worldwide IDS, learning about new traffic and attacks as they are being assembled. The idea needs some more work. Just rolling it around in my head at the moment.