Large 01499

Countering Denial of Service (And Why It's Hard)

Katerina Argyraki

Recorded 28 October 2010 in Lausanne, Vaud, Switzerland

Event: KTN - Know Thy Neighbor


One of the toughest problems in network systems research is dealing with denial-of-service attacks, where a large number of compromised hosts send unwanted traffic to a receiver in order to exhaust its resources and disrupt its communications. Despite more than a decade of research and a slew of counter-measure products, this remains a serious, unsolved problem for the Internet. I will use the denial-of-service topic as a backdrop for describing one of the fundamental challenges of network system design: how to maintain and manage state. I will (de)construct different denial-of-service counter-measures, describe where each one keeps its state and how it manages it, and discuss why every measure that stops one form of attack opens the door to another. This conundrum is an illustration of the kind of problems network systems researchers aim to tackle.

Watched 1145 times.