Controlling High Bandwidth Aggregates in the Network

Ratul Mahajan; Steven Michael Bellovin; Sally Floyd; John Ioannidis; Vern Paxson; Scott Shenker

Controlling High Bandwidth Aggregates in the Network
Mahajan, Ratul
Bellovin, Steven Michael
Floyd, Sally
Ioannidis, John
Paxson, Vern
Shenker, Scott
Computer Science
Persistent URL:
Computer Communication Review, vol. 32, no. 3 (July 2002), pp. 62-73.
The current Internet infrastructure has very few built-in protection mechanisms, and is therefore vulnerable to attacks and failures. In particular, recent events have illustrated the Internet's vulnerability to both denial of service (DoS) attacks and flash crowds in which one or more links in the network (or servers at the edge of the network) become severely congested. In both DoS attacks and flash crowds the congestion is due neither to a single flow, nor to a general increase in traffic, but to a well-defined subset of the traffic --- an aggregate. This paper proposes mechanisms for detecting and controlling such high bandwidth aggregates. Our design involves both a local mechanism for detecting and controlling an aggregate at a single router, and a cooperative pushback mechanism in which a router can ask upstream routers to control an aggregate. While certainly not a panacea, these mechanisms could provide some needed relief from flash crowds and flooding-style DoS attacks. The presentation in this paper is a first step towards a more rigorous evaluation of these mechanisms.
Computer science
Publisher DOI:
Item views
text | xml
Suggested Citation:
Ratul Mahajan, Steven Michael Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, Scott Shenker, , Controlling High Bandwidth Aggregates in the Network, Columbia University Academic Commons, .

Columbia University Libraries | Policies | FAQ