1 / 13

DDOS Defense by Offense

DDOS Defense by Offense. OFFENSE Presented by: Anup Goyal Aojan Su. Objections. Several objections identified By Authors itself Bandwidth Envy Flash Crowds Variable bandwidth cost Is It Practical in real Internet ??. Clients ’ upload capacity.

donnel
Télécharger la présentation

DDOS Defense by Offense

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DDOS Defense by Offense OFFENSE Presented by: Anup Goyal Aojan Su

  2. Objections • Several objections identified By Authors itself • Bandwidth Envy • Flash Crowds • Variable bandwidth cost • Is It Practical in real Internet ??

  3. Clients’ upload capacity • Clients with limited upload capacity (dialup users) can not “speak-up” • They can’t increase their chance to obtain service. In worse case, they can suffer when everyone else speaks up.

  4. Can’t detect malicious client • Even good clients need to flood the server to get service. • It could be much more difficult to detect attackers.

  5. Access Link Congestion • If the access link of thinner is congested, legitimate clients would back off due to congestion control. • Attackers could ignore congestion control and send at higher capacity.

  6. Edge Network Flooding • Good client’s flooding traffic effect edge networks by increased traffic volumes. • potentially harming other flows.

  7. Problem for good guys • No good way to accommodate clientèle (good and bad) coming from the same location. • Good Client always loose while sharing a Bottleneck link.

  8. Impact on Other Traffic THIS IS BAD !!!!

  9. Problems Unaddressed/overlooked • Effect of low-rate attack not addressed • Bad client also has spare bandwidth. • Assumptions hold because of nature of current network characteristics • How to detect when these assumptions break? • Switch off speak-up (automatically?) under these conditions. • Effect of various traffic patterns? (i.e. heavy-tail distribution)

  10. My Question • Are speak-up’s assumptions reasonable? • “The thinner is never congested”? • Impact on network • good traffic amplifier? • How much bandwidth will be wasted for dummy bytes?

  11. Primary Focus on HTTP • Focus primarily on Web traffic and its properties (e.g. HTTP). • Does not mention its usefulness for any other situation or protocol.

  12. Market Survey Missing • The researchers have not done a market survey, thus all their findings are theoretical. • Economic issue consideration is missing.

  13. Extra hardware • There is extra hardware (the Thinner) that has to sit in front of any server we want to protect by Speak-Up. • Expensive • Single Point of Failure

More Related