M. Walfish, M. Vutukuru, H. Balakrishnan, D. Karger and S. Shenker - - PowerPoint PPT Presentation

• M. Walfish, M. Vutukuru, H. Balakrishnan, D. Karger and S. Shenker

Presented by Kong Lam Material adapted from authors’ slides 1

 The modern DDoS attacker

• Tries to make its traffjc look legitimate

 The modern DDoS defender

• Detect, then deny

 The post-modern DDoS defender (authors)

• No attempt at reliable difgerentiation:

2

2

When a server is under attack, encourage all clients to send more traffjc to the server.

3

Isn’t it smarter to do difgerentiation?

3

 Bots send requests that look legitimate

• Overloads resource like CPU, disk (not link)

 Key challenge:

• Can’t tell request was issued with ill intent

4

4

 Server overloaded; drops randomly  Attackers get the bulk of the server  This server allocation is greed-proportional

• Must change the allocation, without difgerentiating

good and bad

5

5

 Give out units of service based on client b/w  Why better than greed-proportional?

• Because good clients have more spare capacity
• Good clients “speak up”

6

6

 Only under server overload:

• Front-end admits requests periodically
• Which request to admit? “Highest” sender
• Others keep sending and eventually win
• (Allocation prop. to b/w: proved in paper.)

7

What if other DDoS defense mechanisms throttle clients’ traffjc?

7

 Needs no client change  JavaScript:

• Client constructs 1MByte string
• POSTs string in form

 Proxy: ends POST after client wins

8

8

 50 clients; all have 2 Mbits/s bandwidth  Vary number of good and bad  Good clients: 2 reqs/s; bad clients: 40 reqs/s  Server capacity: 100 reqs/s

9

9

 Should we allow such use of network b/w?  Other currency schemes are good

• Why consume public resource?

10

10