Defending Against DDo S Attacks Using Max min
- Slides: 47
Defending Against DDo. S Attacks Using Max -min Fair Server Centric Router Throttles David K. Y. Yau CS Dept, Purdue University Operating System Concepts 1. 1 John C. S. Lu CS&E Dept, CUHK
Motivations n Internet is an open and democratic environment F increasingly used for mission-critical work and commercial applications. n Many security threats are present or appearing F Easy to launch, even for naïve users. F need effective and flexible defenses to detect/trace/counter attacks F Goals: 4 protect innocent users; 4 prosecute criminals Operating System Concepts 1. 2 Ambitious goals
Network Denial-of-service Attacks n Some attacks quite subtle F securing protocols and intrusion detection (e. g. , BGP, TCP-syn attack) F at routing infrastructure, malicious dropping of packets, etc (low-rate TCP) n Others by brute force: - flooding (e. g. , UDP, valid Web Request) n Cripples victim: - precludes any sophisticated defense at victim site F Philosophical question: what is an “attacker”? F Viewed as resource management problem Operating System Concepts 1. 3
Flooding Attack Server Operating System Concepts 1. 4
Server-centric Router Throttle n Installed by server when under stress, at a set deployment routers F can be sent by multicast n Specifies leaky bucket rate at which router can forward traffic to the server F aggressive traffic for server dropped before reaching server F rate determined by a feedbak control algorithm Issues: (1) Which set of routers? (2) What is the “proper” dropping rate? Operating System Concepts 1. 5
Router Throttle Securely installed by S Aggressive flow Throttle for S To S Throttle for S’ To S’ Deployment router C: Each victim has a leaky bucket for rate limit. Small memory and computationoverhead! Operating System Concepts 1. 6
Key Design Problems n Resource allocation: who is entitled to what? F need to keep server operating within load limits F notion of fairness, and how to achieve it? 4 Need global, rather than router-local, fairness n How to respond to network and user dynamics (e. g. , fluctuation of traffic)? F Feedback control strategy is needed Operating System Concepts 1. 7
What is being fair? n Baseline approach of dropping a fraction “f”, say ½, of traffic for each flow won’t work well F a flow can cause more damage to other flows simply by being more aggressive! n Rather, no flow should get a higher rate than another flow that has unmet demands F this way, we penalize “aggressive” flows only, but protect the well-behaving ones Operating System Concepts 1. 8
Level-k Deployment Points n Deployment points parameterized by an integer k n R(k) -- set of routers that are either k hops away from server S, or less than k hops away from S but are directly connected to a host n Fairness across global routing points R(k) Operating System Concepts 1. 10
Level-3 Deployment Server Operating System Concepts 1. 11
Feedback Control Strategy n Hysteresis control F high and low water marks for server load, to strengthen or relax router throttle n Additive increase/multiplicative decrease rate adjustment F increases when server load exceeds US, and decreases when server load falls below LS F throttle removed when a relaxed rate does not result in significant server load increase Operating System Concepts 1. 12
Fairness Definition n A resource control algorithm achieves level-k max-min fairness among the routers R(k) if the allowed forwarding rate of traffic for S at each router is the router’s max-min fair share of some rate r satisfying LS r US Operating System Concepts 1. 13
Fair Throttle Algorithm Operating System Concepts 1. 14
Example Max-min Rates (L=18, H=22) 18. 23 6. 65 24. 88 6. 25 0. 22 14. 1 15. 51 59. 9 Server 0. 01 6. 25 17. 73 6. 25 0. 61 20. 53 1. 40 17. 73 0. 95 Operating System Concepts 1. 15 0. 61
Interesting Questions n Can we preferentially drop attacker traffic over good user traffic? n Can we successfully keep server operating within design limits, so that good user traffic that makes it gets acceptable service? n How stable is such a control algorithm? How does it converge? Operating System Concepts 1. 16
Algorithm Evaluation n Control-theoretic analysis (fluid analysis) F algorithm stability and convergence under different system parameters n Packet network simulations (packet level analysis) F Test under UDP and TCP traffic. Also test with Web traces n System implementation (the real thing, baby !!!) F deployment costs Operating System Concepts 1. 17
Control-theoretic Model Throttle signal from victim Step size Adjusted traffic from source i When throttle signal is high, server is underloaded. When throttle signal is low, server is overloaded. ANALOGY!!! Operating System Concepts 1. 18
Feedback Control Model (Us=1750; Ls=1650) Constant Source of 20 Constant Source of 30 Constant Source of 25 Constant Source of 4000 Constant Source of 2800 Operating System Concepts 1. 19
Output for good traffic (total from source 1) Operating System Concepts 1. 20
Output for attack traffic (total from source 5) Operating System Concepts 1. 21
Output for attack traffic (total from source 6) Operating System Concepts 1. 22
Total traffic to server (Us=1750; Ls=1650) Operating System Concepts 1. 23
Case 2: variable attack traffic (Us=1750, Ls=1650) Square Pulse Operating System Concepts 1. 24
Output of attack traffic 1 Operating System Concepts 1. 25
Output of attack traffic 2 Operating System Concepts 1. 26
Total traffic to server (Us=1750; Ls=1650) Operating System Concepts 1. 27
Feedback Control Model (sources and server) Operating System Concepts 1. 28
Feedback Control Model (server throttle signal) Operating System Concepts 1. 29
Feedback Control Model (sources process throttle) Operating System Concepts 1. 30
Throttle Rate (L=900; U=1100) Operating System Concepts 1. 31
Server Load (L = 900; U = 1100) Operating System Concepts 1. 32
Throttle Rate (U = 1100) Operating System Concepts 1. 33
Server Load (U = 1100) Operating System Concepts 1. 34
Throttle Rate (L=1050; U=1100) Operating System Concepts 1. 35
Server Load (L=1050; U=1100) Operating System Concepts 1. 36
NS 2: UDP Simulation Experiments n Global network topology reconstructed from real traceroute data F AT&T Internet mapping project: 709, 310 traceroute paths, single source to 103, 402 other destinations F randomly select 5, 000 paths, with 135, 821 nodes of which 3879 are hosts n Randomly select x% of hosts to be attackers F good users send at rate [0, r], attackers at rate [0, R] Operating System Concepts 1. 37
20% Evenly Distributed Aggressive (10: 1) Attackers Operating System Concepts 1. 38
40% Evenly Distributed Aggressive (5: 1) Attackers Operating System Concepts 1. 39
Evenly Operating System Concepts Distributed “meek” Attackers 1. 40
Deployment Extent Operating System Concepts 1. 41
NS 2: TCP Simulation Experiment n Clients access web server via HTTP 1. 0 over TCP Reno n Simulated network subset of AT&T traceroute topology F 85 hosts, 20% attackers n Web clients make request probabilistically with empirical document size and inter-request time distributions Operating System Concepts 1. 42
Web Server Protection Operating System Concepts 1. 43
Web Server Traffic Control Operating System Concepts 1. 44
System Implementation n On Linux router Floadable kernel module FCPU resource reservation n Deployment platform FPentium 4/2 G Hz PC Fmultiple 10/100 Mb/s Ethernet interfaces Operating System Concepts 1. 45
System Implementation: cont n OPERA: An Open-Source Extensible Router Architecture http: //www. cse. cuhk. edu. hk/~cslui/ANSRlab/software/opera/ n A Linux-based package for implementing a software programmable router architecture with the aim to facilitate networking experiments for the research community. Using this architecture, one can dynamically load new extension and services into the programmable router. Some interesting extensions include Qo. S support and traceback of DDo. S attacks. ) n Dynamic module loading n Resource reservation n General extension framework n Secured Communication Operating System Concepts 1. 46
Future Work n Offered load-aware control algorithm for computing throttle rate F impact on convergence and stability n Policy-based notion of fairness F heterogeneous network regions, by size, susceptibility to attacks, tariff payment n Selective deployment issues n Impact on real user applications n Defense for other forms of DDo. S like the reflector attack, BGP cascading failure. . etc. Operating System Concepts 1. 48
Conclusions n Extensible routers can help improve network health n Presented a server-centric router throttle mechanism for DDo. S flooding attacks F can better protect good user traffic from aggressive attacker traffic F can keep server operational under an ongoing attack F has efficient implementation Operating System Concepts 1. 49
- Max-min fairness example
- Optimization problems maximum and minimum
- Min max algorithm
- Min max heap
- Lbo modelling test
- Flow g cut
- Erm kardinalitäten min max
- Absolute min and max
- Relative maxima
- Max-min fairness
- Company er diagram
- Class diagram cardinality
- Minterms
- Min max notation er diagram
- Int.max
- Max-min
- What is a vertex form
- Min max notation er diagram
- Is integral the area under a curve
- Max min con principle in research design
- Min max notation er diagram
- Zur theorie der gesellschaftsspiele
- Min max algorithm
- Min max notation er diagram
- Max flow min cut algorithm
- Min mode and max mode in 8086
- Quadratic word problems
- Min max notation er diagram
- Straitmaxmin adalah
- Integral to sigma notation
- Er diagram min max notation
- Double-ended priority queue
- Symmetric min max heap
- Data characterization
- Properties of quadratic functions in standard form
- Max-min composition
- Defending sola scriptura
- When atticus speaks of defending tom robinson
- Defending the faith verses
- Attacking and defending castles
- Cisco self defending network
- Covetous antisocial
- Self-defending network
- Defending and non defining relative clauses
- Was magellan worth defending?
- Why is it important to defend your faith
- Calculate drip rate
- Lesson 27 using diet to guard against disease