Protecting Network Quality of Service Against Denial of Service Attacks
Douglas S. Reeves, S. Felix Wu, Fengmin Gong
Talk: “00-17 reeves”
CACC Research Review Meeting, October 25, 2000
New Capabilities...
• Discriminating between users; a good thing!
• Bandwidth, quality, response time, …
• Based on trust, need, importance, credit, urgency, ....: Policies!

...New Vulnerabilities
• Steps
• provisioning
• user signaling
• Admission control
• network signaling
• Traffic policing
• Each step is vulnerable!
Attack 1: Excessive User Demands
• Everyone asks for...
• ...maximum resource amount
• ...premium service

Our Solution: Resource Pricing
• (An example: Telephone Network)

Resource Prices Based on Demand
• Predicted-load (static) pricing
• Auction-based (semi-static) pricing
• Congestion-based (dynamic) pricing
• Combined approaches

Policy Specification / Enforcement
• What determines the price?
• How much can each user pay?

Provable Fairness
• Fairness is a policy
• Achievable...
• Pareto optimal
• Weighted max-min fair
• Proportional fair
• Equal QoS
• Maximal aggregate utility
• Maximum revenue
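To show how the weighted max-min fair allocation listed above blunts Attack 1 (a user asking for the maximum resource amount), here is an added example that is not part of the original talk; the progressive-filling algorithm is standard, and the capacity, demands and weights are constructed values.

```python
from typing import Sequence


def weighted_max_min(capacity: float, demands: Sequence[float],
                     weights: Sequence[float]) -> list[float]:
    """Weighted max-min fair allocation by progressive filling.

    All unsatisfied users grow in proportion to their weight until either
    one of them reaches its demand (it is frozen and drops out) or the
    capacity is exhausted. A user who asks for far more than exists can
    only ever receive what its weight entitles it to once everyone else
    is either satisfied or sharing at the same weighted rate.
    """
    n = len(demands)
    alloc = [0.0] * n
    remaining = capacity
    unsatisfied = set(range(n))
    while unsatisfied and remaining > 1e-12:
        total_w = sum(weights[i] for i in unsatisfied)
        # Largest per-unit-weight increment before some user hits its demand.
        bottleneck = min((demands[i] - alloc[i]) / weights[i] for i in unsatisfied)
        # Do not hand out more than the remaining capacity.
        step = min(bottleneck, remaining / total_w)
        done = set()
        for i in unsatisfied:
            alloc[i] += step * weights[i]
            remaining -= step * weights[i]
            if alloc[i] >= demands[i] - 1e-12:
                done.add(i)
        unsatisfied -= done
        if not done:       # capacity exhausted, nobody saturated
            break
    return alloc


def attack1_demo() -> tuple[list[float], list[float]]:
    """Constructed scenario: link of 120 units; user 0 is the greedy
    requester asking for 1000, the others ask for 20, 30 and 40."""
    capacity = 120.0
    demands = [1000.0, 20.0, 30.0, 40.0]
    equal = weighted_max_min(capacity, demands, [1, 1, 1, 1])
    # Same demands, but policy gives user 3 a premium (weight 2) share.
    premium = weighted_max_min(capacity, demands, [1, 1, 1, 2])
    return equal, premium


if __name__ == "__main__":
    equal, premium = attack1_demo()
    print("equal weights:  ", equal)    # greedy user capped at 35, others fully served
    print("premium user 3: ", premium)  # user 3 gets its 40; greedy user drops to 30
```

The greedy request never starves the honest users; the pricing policy (the weights, or what each user can pay) decides how the leftover capacity is split.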
Comparison With Other Approaches
• First-come, first-served
  • “grab resources early and often”
• Fixed (absolute) priority
  • starvation problems
• Non-weighted fairness (TCP)
  • everyone is equal?
• Other resource pricing work
  • static / centralized, restricted fairness
Future Work: Implementation
• Fall 2000 (management tools: Summer 2001)

Future Work: 3rd Party Authorization
• Spring 2001
Future Work: Service Class Provisioning
• Given predicted demand for each service class...
• how much of each service class should the network owner provision?
• what price to charge for each class?
• Goals: maximum profit, maximum utility, ...?
Future Work: Protecting the Pricing Mechanism
• Vulnerability to attack
• Protecting…
• RSVP
• COPS
• SIP
• Policy server and databases
• Authorization server, user database, billing database
• Spring 2002

Impact of This Work
• Disincentives for "bad" user behavior
• Ability to flexibly specify and enforce policies
• Efficient (optimal) allocation
• Economic incentives for deployment of new services
Attack 3: TCP Packet Dropping
• Congestion causes "normal" packet dropping
• Can malicious packet dropping (not due to normal congestion) be detected?
  • due to corrupted routers
  • due to "unfriendly" users

Attack Types
• Dropping one data flow to benefit others
• Injecting (spoofing, flooding, ...) packets into a high priority flow
• Remarking packets in a data flow
• Delaying packets in a data flow
• Compromised ingress, core, or egress routers