NC STATE UNIVERSITY / MCNC Protecting Network Quality of Service Against Denial of Service Attacks...


Transcript of NC STATE UNIVERSITY / MCNC Protecting Network Quality of Service Against Denial of Service Attacks...

Page 1: NC STATE UNIVERSITY / MCNC Protecting Network Quality of Service Against Denial of Service Attacks Douglas S. Reeves  S. Felix Wu  Fengmin Gong Talk:

NC STATE UNIVERSITY / MCNC

Protecting Network Quality of Service Against Denial of Service Attacks

Douglas S. Reeves, S. Felix Wu, Fengmin Gong

Talk: “00-17 reeves”, CACC Research Review Meeting

October 25, 2000

Page 2: New Capabilities...

• Discriminating between users; a good thing!
  – Bandwidth, quality, response time, …
• Based on trust, need, importance, credit, urgency, ...: Policies!

Page 3: ...New Vulnerabilities

• Steps
  – provisioning
  – user signaling
  – admission control
  – network signaling
  – traffic policing
• Each step is vulnerable!

Page 4: Attack 1: Excessive User Demands

• Everyone asks for...
  – ...maximum resource amount
  – ...premium service

Page 5: Our Solution: Resource Pricing

• (An example: Telephone Network)

Page 6: Resource Prices Based on Demand

• Predicted-load (static) pricing
• Auction-based (semi-static) pricing
• Congestion-based (dynamic) pricing
• Combined approaches

Page 7: Policy Specification / Enforcement

• What determines the price?
• How much can each user pay?

Page 8: Provable Fairness

• Fairness is a policy
• Achievable...
  – Pareto optimal
  – Weighted max-min fair
  – Proportional fair
  – Equal QoS
  – Maximal aggregate utility
  – Maximum revenue

Page 9: Comparison With Other Approaches

• First-come, first-served
  – “grab resources early and often”
• Fixed (absolute) priority
  – starvation problems
• Non-weighted fairness (TCP)
  – everyone is equal?
• Other resource pricing work
  – static / centralized, restricted fairness
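The allocation policies compared on pages 6, 8 and 9 (first-come-first-served, congestion-based pricing, weighted max-min fairness), worked through as an added example that is not part of the original talk. The log-utility demand model, the bisection price search and all weights, demands and capacities are assumptions chosen to show how Attack 1 (everyone asks for the maximum) plays out under each policy.

```python
"""Added example (not from the talk): three allocation policies from the deck
applied to one shared link of fixed capacity, to show how Attack 1 (everyone
asks for the maximum) plays out.  Demand model and all numbers are assumed."""


def first_come_first_served(demands, capacity):
    """Baseline the deck criticises: requests honoured in arrival order, so a
    user who grabs early and asks for everything starves the later ones."""
    alloc, remaining = [], capacity
    for d in demands:
        granted = min(d, remaining)
        alloc.append(granted)
        remaining -= granted
    return alloc


def congestion_pricing(weights, capacity, lo=1e-9, hi=1e9, iters=200):
    """Congestion-based (dynamic) pricing: bisect for the per-unit price at
    which aggregate demand just fits the link.  User i is assumed to have log
    utility w_i*log(x_i), so it demands w_i / p at price p; the fixed point is
    the weighted proportional-fair allocation w_i * C / sum(w)."""
    for _ in range(iters):
        mid = (lo + hi) / 2
        if sum(w / mid for w in weights) > capacity:
            lo = mid  # excess demand: the price must rise
        else:
            hi = mid  # link under-used: the price can fall
    return hi, [w / hi for w in weights]


def weighted_max_min(weights, demands, capacity):
    """Weighted max-min fairness by progressive filling: every unsatisfied
    user's share grows in proportion to its weight; a satisfied user drops out
    and the capacity it does not want is shared among the rest."""
    n = len(weights)
    alloc, active, remaining = [0.0] * n, set(range(n)), float(capacity)
    while active and remaining > 1e-12:
        total_w = sum(weights[i] for i in active)
        inc = min((demands[i] - alloc[i]) / weights[i] for i in active)
        inc = min(inc, remaining / total_w)
        for i in active:
            alloc[i] += inc * weights[i]
        remaining -= inc * total_w
        active = {i for i in active if demands[i] - alloc[i] > 1e-12}
    return alloc


if __name__ == "__main__":
    print("FCFS   ", first_come_first_served([100, 100, 5], 60))
    print("pricing", congestion_pricing([1, 1, 2], 60))
    print("max-min", weighted_max_min([1, 1, 2], [5, 100, 100], 60))
```

Under FCFS the first greedy request takes the whole link; under pricing or weighted max-min a user asking for 100 is held to its weighted share and the light user's unused capacity is redistributed rather than grabbed.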

Page 10: Future Work: Implementation

• Fall 2000 (management tools: Summer 2001)

Page 11: Future Work: 3rd Party Authorization

• Spring 2001

Page 12: Future Work: Service Class Provisioning

• Given predicted demand for each service class...
  – how much of each service class should the network owner provision?
  – what price to charge for each class?
• Goals: maximum profit, maximum utility, ...?

Page 13: Future Work: Protecting the Pricing Mechanism

• Vulnerability to attack
• Protecting…
  – RSVP
  – COPS
  – SIP
  – Policy server and databases
  – Authorization server, user database, billing database
• Spring 2002

Page 14: Impact of This Work

• Disincentives for "bad" user behavior
• Ability to flexibly specify and enforce policies
• Efficient (optimal) allocation
• Economic incentives for deployment of new services

Page 15: Attack 3: TCP Packet Dropping

• Congestion causes "normal" packet dropping
• Can malicious packet dropping (not due to normal congestion) be detected?
  – due to corrupted routers
  – due to "unfriendly" users

Page 16: Attack 4: Compromised DiffServ Routers

Page 17: Attack Types

• Dropping one data flow to benefit others
• Injecting (spoofing, flooding, ...) packets into a high priority flow
• Remarking packets in a data flow
• Delaying packets in a data flow
• Compromised ingress, core, or egress routers