Exposing and Eliminating Vulnerabilities to Denial of Service Attacks in Secure Gossip-Based Multicast

Prof. Mort Anvari
Strayer University at Arlington, VA
August 2004

Agenda

• Overview of gossip-based multicast
• The problem
• Proposed solution
• Analysis and simulations
• Implementation and measurements
• Conclusions

Multicast

• A group of members
• At least one member is a source – generates messages
• Messages should arrive at all of the group members in a timely fashion
• Network level vs. application level (ALM)

Tree-Based Multicast

• Use a spanning tree – most common solution
• No duplicates (optimal BW when network-level)
• Single points of failure

[Figure: diagram labelled "Source"]

Gossip-Based Multicast

• Progresses in rounds
• Every round
  – Choose random partners (view)
  – Send or receive messages
  – Discard old msgs from buffer
• Probabilistic reliability
• Trades latency and BW for redundancy
• Two methods
  – Push
  – Pull

Push

[Figure: diagram labelled "Source"]

Pull

[Figure: diagram labelled "Source"]

Hostility over the Internet

• Forgery/spoofing
• Penetration
• Denial of Service (DoS)

Denial of Service

• Unavailability of service
• Methods
  – Exploiting bugs
  – Exhausting resources
• Remote attacks
  – Network level
  – Application level
• Got little attention
• No quantitative analysis of impact on application

Dollar Amount of Losses by Type

[Figure: Dollar Amount of Losses by Type]

Remote Application-Level DoS

[Figure: panels "No Attack" and "DoS Attack"; legend: Valid Request, Bogus Request]

Effects of DoS on Gossip

• Reasonable to assume that source is attacked
• Surprisingly, we show that naïve gossip is vulnerable to DoS attacks
• Attacking a process in pull-based gossip may prevent it from sending messages
• Attacking a process in push-based gossip may prevent it from receiving messages

Our Solution

• Drum – a new gossip-based ALM protocol
• Utilizes DoS-mitigation techniques
  – Separating and bounding resources
  – Combining both push and pull
  – Using random one-time ports to communicate
• Proven robust using formal analysis and quantitative evaluation
  – Provides general methods for analyzing and quantitatively evaluating resistance to DoS attacks

Bounding Resources

• Motivation: prevent resource exhaustion
• Each round, process a random subset of the arriving messages and discard the rest

[Figure: messages arriving within one Round Duration; legend: Valid Request, Bogus Request]

Combining Push and Pull

• Attacking push cannot prevent receiving messages via pull (random ports)
• Attacking pull cannot prevent sending via push

Random Ports

• Any request necessitating a reply contains a random port number
  – “Invisible” to the attacker (e.g., encrypted)
• The reply is sent to that random port
• Assumption: attacking other ports does not affect the random port’s queue (i.e., there is no BW exhaustion)

Drum’s Push Mechanism

• Alice sends Bob a push-offer
• Bob replies with a digest of messages he has already received
• Alice only sends Bob messages missing from his digest
• Random ports

Evaluation Methodology

• Compare 3 protocols
  – Push (push-based with bounded resources)
  – Pull (pull-based with bounded resources)
  – Drum
• Under various DoS attacks
  – Fixed strength
  – Increasing strength
• Source is always attacked
• Evaluates combination of Push and Pull

Evaluation Methodology (cont.)

• Measure propagation time – expected number of rounds it takes a message to reach all of the correct processes
  – 99% in the simulations and actual measurements
• Use real implementation to measure actual latency and throughput

Analysis/Simulation Assumptions

• Static group with complete connectivity
• Processes have complete group knowledge
• Propagation of a single message M
  – But simulate situation where all procs have msgs to send
• M is never purged from local buffers
• Rounds are synchronized
• All round operations complete within the same round
• All processes are correct (analysis) or 10% of them perform a DoS attack (simulation)

Validating Known Results

• The propagation time of gossip-based multicast protocols is O(log n) [P87, KSSV00]

[Figure: Expected Propagation Time. x-axis: # processes (log scale); y-axis: # rounds; curves: Push, Pull, Drum]

Validating Known Results (cont.)

• The performance of gossip-based multicast protocols degrades gracefully as the amount of failures grows [LMM00, GvRB01]

[Figure: Expected Propagation Time, n = 1000. x-axis: % failed processes; y-axis: # rounds; curves: Push, Pull, Drum]

Definitions

• n – number of processes in the group
• F – size of view, and max # of requests to process in a round (F = 4)
• – percentage of attacked processes
• x – number of bogus messages an attacked process receives in a round
• B – total attack strength (B = nx)

Analysis – Increasing Strength

• Lemma 1: Fix and n. Drum’s propagation time is bounded from above by a constant independent of x
• Proof idea
  – Define effective fan-in and effective fan-out
  – Both have an element independent of x
  – When x this element is dominant
  – The effective fans are bounded from below

Analysis – Increasing Strength

• Lemma 2: Fix and n. The propagation time of Push grows at least linearly with x
• Proof idea
  – Assume all non-attacked processes already have the message (and so does the source)
  – Bound the expected number of processes having M at round k from above
  – Find the minimal k in which all processes have M
  – Reaching all attacked processes takes at least a time linear in x

Analysis – Increasing Strength

• Lemma 3: Fix and n. The propagation time of Pull grows at least linearly with x
• Proof idea
  – Denote by p the probability that the source reads a valid pull request in a round
  – # of rounds for M to leave the source is geometrically distributed with p
  – The expectation is 1/p
  – 1/p is at least linear in x
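
The definitions and Lemmas 1–3 above can be exercised with a small round-based simulation of Push, Pull and Drum under bounded resources. This is an added example, not the authors' simulator; the function names are illustrative. It assumes the flood comes from outside the group and hits the first 10% of processes (source included), that an accepted push delivers M directly, and that Drum splits F evenly between push and pull with the bogus load x split evenly over its two ports.

```python
import random


def accepted(valid, bogus, bound, rng):
    """Bounded processing: read `bound` messages picked uniformly at random from
    everything that arrived this round; return the valid senders that were read."""
    total = len(valid) + bogus
    if total <= bound:
        return list(valid)
    return [valid[i] for i in rng.sample(range(total), bound) if i < len(valid)]


def pick_peers(p, n, k, rng):
    """The view of process p: k distinct random partners, never p itself."""
    return [q if q < p else q + 1 for q in rng.sample(range(n - 1), k)]


def rounds_to_cover(protocol, n, x, rng, F=4, attacked_pct=10,
                    coverage_pct=99, max_rounds=500):
    """Rounds until M, starting at process 0, is held by coverage_pct% of the group."""
    # Assumption of this example: Drum gives half of F to each mechanism.
    push_f, pull_f = {"push": (F, 0), "pull": (0, F),
                      "drum": (F // 2, F // 2)}[protocol]
    # Assumption: the flood against Drum is split evenly over its two ports.
    bogus = x // 2 if protocol == "drum" else x
    attacked = set(range(attacked_pct * n // 100))   # includes the source (0)
    need = -(-coverage_pct * n // 100)               # integer ceiling
    has = [False] * n
    has[0] = True
    for rnd in range(1, max_rounds + 1):
        push_in = [[] for _ in range(n)]
        pull_in = [[] for _ in range(n)]
        # Every process gossips every round, whether or not it holds M.
        for p in range(n):
            for q in pick_peers(p, n, push_f, rng):
                push_in[q].append(p)
            for q in pick_peers(p, n, pull_f, rng):
                pull_in[q].append(p)
        nxt = list(has)
        for q in range(n):
            b = bogus if q in attacked else 0
            # Push: q learns M only if a holder's push survives q's bounded read.
            if not has[q] and any(has[p] for p in
                                  accepted(push_in[q], b, push_f, rng)):
                nxt[q] = True
            # Pull: a holder answers only the requests it managed to read; the
            # reply goes to the requester's random port, which is not flooded.
            if has[q]:
                for p in accepted(pull_in[q], b, pull_f, rng):
                    nxt[p] = True
        has = nxt
        if sum(has) >= need:
            return rnd
    return max_rounds


def mean_rounds(protocol, n, x, trials=30, seed=2004):
    """Average propagation time over `trials` seeded runs."""
    rng = random.Random(seed)
    return sum(rounds_to_cover(protocol, n, x, rng) for _ in range(trials)) / trials


if __name__ == "__main__":
    for x in (0, 32, 128):
        row = {p: mean_rounds(p, 100, x) for p in ("push", "pull", "drum")}
        print(f"x={x:3d}  " + "  ".join(f"{p}={v:5.1f}" for p, v in row.items()))
```

Push slows down because flooded receivers rarely read a valid push, Pull slows down because the flooded source rarely reads a valid pull request, and Drum stays close to its unattacked time because each mechanism covers the other's weak direction.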

[Figure: Expected Propagation Time, = 10%. x-axis: x; y-axis: # rounds; curves: Push, Pull and Drum, each for n = 1000 and n = 120]

[Figure: Expected Propagation Time, x = 128. y-axis: # rounds; curves: Push, Pull and Drum, each for 1000 and 120]

Analysis – Fixed Strength

• Define c = B/nF (total attack strength divided by total system capacity)
• Lemma 4: For c > 5, Drum’s expected propagation time is monotonically increasing with
• Proof idea
  – Effective fan-in and effective fan-out are monotonically decreasing with

[Figure: Expected Propagation Time, B = 7.2n (c = 2). y-axis: # rounds; curves: Push, Pull and Drum, each for n = 120 and n = 500]

Implementation and Measurements

• Uses the Java programming language
• Multithreaded processes
• Operations are not synchronized
• Rounds are not synchronized among processes
• 50 machines on a 100Mbit LAN (Emulab)
• One process per machine
• 5 processes (10%) perform a DoS attack

Validating the Simulations

• Evaluate the protocols in the same scenarios tested by simulation
• High correlation shows that the simplifying assumptions have little effect on the results

[Figure: Expected Propagation Time, = 10%, n = 50. x-axis: x; y-axis: # rounds; curves: Push, Pull and Drum, each as measurements and simulation]

[Figure: Expected Propagation Time, x = 128, n = 50. y-axis: # rounds; curves: Push, Pull and Drum, each as measurements and simulation]

High-Throughput Experiments

• Single source
• Creates 40 messages (50 bytes long) per second
• Total of 10,000 messages
• Round duration = 1 second
• Messages are purged after 10 rounds
• Each process sends at most 80 data messages to another process in a round
• Throughput and latency are measured at the 44 correct receiving processes

[Figure: Average Received Throughput, = 10%, n = 50. x-axis: x; y-axis: Average Throughput (msgs/sec); curves: Drum, Push, Pull]

[Figure: Average Received Throughput, x = 128, n = 50. y-axis: Average Throughput (msgs/sec); curves: Drum, Push, Pull]

[Figure: CDF: Average Latency of Received Messages, x = 128, = 40%, n = 50. x-axis: Average Latency (msecs); y-axis: # of Correct Processes (Normalized); curves: Drum, Push, Pull]

Conclusions

• DoS attacks are a real problem
• Gossip-based protocols have no single points of failure
• However, naïve gossip-based protocols are vulnerable to targeted DoS attacks
• Drum uses simple techniques to mitigate the effects of DoS attacks
• Evaluations show Drum’s resistance to DoS
• The most effective attack against Drum is a broad one
• General DoS-mitigation techniques: random ports and neighbor-selection
• Analysis and quantitative evaluation techniques may be applicable to other systems as well
