1 / 27

DDoS Defense by Offense

DDoS Defense by Offense. Michael Walfish,Mythili Vutukuru,Hari Balakrishnan,David Karger,Scott Shenker. What is this paper about. “Speak-up” a defense mechanism against application level DDoS. It’s a defense mechanism against legitimate looking requests that consume computational resources.

shanon
Download Presentation

DDoS Defense by Offense

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. DDoS Defense by Offense Michael Walfish,Mythili Vutukuru,Hari Balakrishnan,David Karger,Scott Shenker Samarpita Hurkute DDoS Defense By Offense

  2. What is this paper about • “Speak-up” a defense mechanism against application level DDoS. • It’s a defense mechanism against legitimate looking requests that consume computational resources. • The server encourages clients to send higher volumes of traffic wherein the inflated traffic volume from good clients crowd out the bad ones. Samarpita Hurkute DDoS Defense By Offense

  3. Introduction • Application level DDoS – It is a noxious attack where in an “open clientele” environment the attacker forces the victim server to spend much of its resources on spurious requests. • Carried over an ICMP link its effect is two-fold – First the servers resources are often depleted by “proper-looking”requests.Second the traffic is in-band so is harder to identify. Samarpita Hurkute DDoS Defense By Offense

  4. Introduction • Examples of such attack – Using bots to attack web sites by : requesting large files,making queries of search engines and issuing computationally expensive requests. • Approach to counter this attack is encourage all clients to speak … Samarpita Hurkute DDoS Defense By Offense

  5. Defenses used • Detect and Block : Distinguish between good clients and bad clients.eg. Profiling IP address ,rate limiting alone,CAPATCHA based defenses. • Charge clients some currency – An attacked server gives a client a services only after it pays some currency in form of CPU cycles and money. Samarpita Hurkute DDoS Defense By Offense

  6. Mechanism Used • In a speakup the “thinner” protects the server from overload and performs encouragements. • When the server is overloaded the thinner causes each new client to automatically send a congestion controlled stream of dummy bytes on a separate payment channel. • When the server is ready to process requests the thinner selects a client that has sent the most bytes. Samarpita Hurkute DDoS Defense By Offense

  7. Attacked Server with “speakup” and without “speakup” Samarpita Hurkute DDoS Defense By Offense

  8. Applicability of Speakup • How much aggregate bandwidth does the legitimate client need for speakup to be effective ? • Could small Web sites eben when defended by speakup be harmed ? • As bandwidth is a communal resource doesn't the encouragement to send more traffic damage the network ? Samarpita Hurkute DDoS Defense By Offense

  9. Threat Model • The attacker can send difficult requests intentionally. • An attacker can repeatedly request service from a site while having different IP addresses. Samarpita Hurkute DDoS Defense By Offense

  10. Conditions necessary for “Speakup” to be successful • Adequate link bandwidth : enough bandwidth to handle incoming stream of requests.ISP’s which have significant bandwidth offering speakup as a service. • Adequate client bandwidth – the good clients must have totally the same number of magnitude bandwidth as the bad clients. • No pre defined clientele to avoid filtering to permit traffic from only known clients. • Non – human clientele – If clientele is exclusively human one may be able to use proof of humanity tests. • Unequal requests – Currency based approach can charge clients for harder requests Samarpita Hurkute DDoS Defense By Offense

  11. Design of Speak Up • Design Goal : If the good clients make g requests per second and have an aggregate bandwidth of G requests per second to the server and if the bad clients have aggregate bandwidth of B requests per second then the server should process good requests at a rate of min(g,(G/G+B)c) requests per second where c is the servers capacity to process requests. Samarpita Hurkute DDoS Defense By Offense

  12. Required mechanism • Limit the requests to a server to c per second. • Perform encouragement : cause a client to send more traffic • Speak up needs a proportional allocation mechanism to admit client at rates proportional to their delivered bandwidth. Samarpita Hurkute DDoS Defense By Offense

  13. Random drops and Aggressive tries • The thinner implements proportional allocation by dropping requests at random to reduce the rate to c. • For each request it drops it immediately asks the client to retry.This causes the good clients to retry at higher rates. Samarpita Hurkute DDoS Defense By Offense

  14. Explicit payment channel • The thinner asks clients to pad their requests with dummy bytes. • The thinner asks the requesting client to send their requests over a separate payment channel. • When the server notifies the thinner it is ready to fire a new request it admits the client which has sent the most no. of padded dummy bytes. • However the drawback is good clients might have to pay a higher price for their requests. Samarpita Hurkute DDoS Defense By Offense

  15. Implementation • A prototype thinner is implemented in C++. • It runs on Linux 2.6 exporting a well know URL. • When a web client requests this URL then thinner decides , if and when to send this request to the server. • When the server responds to that request the thinner returns HTML to the client with that response. Samarpita Hurkute DDoS Defense By Offense

  16. Implementation • If the server is busy the thinner returns the javaScript to the client.the client issues 2 responses : 1 is the actual request to the server and 2 is HHTP POST which holds the dummy bytes. • The thinners delays responding the first HTTP because the server is busy and the second HTTP is the payment channel. Samarpita Hurkute DDoS Defense By Offense

  17. Implementation • If by sending dummy bytes the client wins, the thinner terminates the 2nd request and passes on the clients 1st request to the server. • If on the other had if the client has not yet received any service the thinner returns the Javascript which causes the browser to send another large POST and the process goes on. Samarpita Hurkute DDoS Defense By Offense

  18. Samarpita Hurkute DDoS Defense By Offense

  19. Samarpita Hurkute DDoS Defense By Offense

  20. Samarpita Hurkute DDoS Defense By Offense

  21. Samarpita Hurkute DDoS Defense By Offense

  22. Samarpita Hurkute DDoS Defense By Offense

  23. Samarpita Hurkute DDoS Defense By Offense

  24. Samarpita Hurkute DDoS Defense By Offense

  25. Samarpita Hurkute DDoS Defense By Offense

  26. Objections to Speak Up • Bandwidth envy : Since speakup allocates servers resources in proportion to the clients bandwidth , “high bandwidth good clients” are better off . • Variable bandwidth costs : For clients with access to “speakup” defended servers would cost more than usual. • Incentives for ISP’s : Does “speakup” give ISP’s an incentive to encourage botnets as a way to increase the bandwidth demanded by good clients. • Solving the wrong problem – If the problem is bots shouldn’t it be addresses than encouraging more traffic • Flash crowds – Speakup treats an overload of good clients alone just like an application level DDoS attack. Samarpita Hurkute DDoS Defense By Offense

  27. Conclusions • This study has sought an answer to two high level questions : • Which conditions call for speakup’s peculiar brand of protection ? • Does speakup admit a practical design ? The missed question is “Who needs speakup? Samarpita Hurkute DDoS Defense By Offense

More Related