From: Yuhan Cai (yuhancai@cs.washington.edu)
Date: Wed Dec 01 2004 - 00:11:54 PST
Title: Controlling High Bandwidth Aggregates in the Network
Authors: Ratul Mahajan, Steven M. Bellovin, and Sally Floyd
Reviewed by: Yuhan Cai
Main results of the paper:
- It proposes mechanisms to detect and control high bandwidth aggregates in networks.
- Simulation results have shown that these techniques are promising directions for manipulating both attacks and flash crowds.
Strengths of the paper:
- Both local and cooperative mechanisms are presented for aggregate-based congestion control. Local ones can detect and control an aggregate as a single router, and cooperative ones enable a router to ask upstream routers to control an aggregate.
- Those mechanisms effectively reduce the congestion that is caused by aggregates which cannot be controlled by conventional flow-based protection techniques.
- Protection against flash crowds, DoS attacks, and other forms of aggregate-based congestion is provided.
- The pushback mechanism can prevent scarce upstream bandwidth from being wasted, and it can effectively concentrate rate-limiting on the malicious traffic within an aggregate when attack traffic is localized spatially.
Key limitations:
- For some DDoS attacks, pushback is not effective in concentrating rate-limiting on the malicious traffic within an aggregate.
- It might overcompensate, and upstream routers could unnecessarily drop packets.
- It might increase the damage to legitimate traffic from a source close to the attacking host.
Relevance of the paper:
- It is the first paper that addresses the issues of detecting and controlling high bandwidth in terms of aggregates, and therefore it is a first step towards a more rigorous evaluation.
Future work:
- It would be necessary to evaluate the trade-offs involved in various design choices.
- Implementation complexity and deployability of ACC are other open issues.
- The policies that these mechanisms need to support are to be investigated.