Controlling high bandwidth aggregates in the network

TLDR

The Internet lacks robust protection mechanisms, making it vulnerable to DoS attacks and flash crowds that congest links due to specific high‑bandwidth traffic aggregates. The paper proposes mechanisms to detect and control high‑bandwidth traffic aggregates and aims to lay groundwork for a rigorous evaluation of these mechanisms. The design includes a local router‑based detection and control of aggregates and a cooperative pushback scheme that requests upstream routers to manage the aggregate. These mechanisms may alleviate flash crowds and flooding‑style DoS attacks, though they are not a complete solution.

Abstract

The current Internet infrastructure has very few built-in protection mechanisms, and is therefore vulnerable to attacks and failures. In particular, recent events have illustrated the Internet's vulnerability to both denial of service (DoS) attacks and flash crowds in which one or more links in the network (or servers at the edge of the network) become severely congested. In both DoS attacks and flash crowds the congestion is due neither to a single flow, nor to a general increase in traffic, but to a well-defined subset of the traffic --- an aggregate . This paper proposes mechanisms for detecting and controlling such high bandwidth aggregates. Our design involves both a local mechanism for detecting and controlling an aggregate at a single router, and a cooperative pushback mechanism in which a router can ask upstream routers to control an aggregate. While certainly not a panacea, these mechanisms could provide some needed relief from flash crowds and flooding-style DoS attacks. The presentation in this paper is a first step towards a more rigorous evaluation of these mechanisms.

References

Page 1

	Year	Citations

Page 1