Light-weight End-to-End QoS as DoS Prevention

Marcel Waldvogel, Tobias Köck (2007): Light-weight End-to-End QoS as DoS Prevention. In: Proceedings of IEEE LCN 2007, 2007.

Abstract

Despite decades of QoS research and many years of DoS defence work, neither group of proponents have been able to get their results included into mainstream Internet service. It seems that demand for either solution exists, but individually, they seem to be just below the cost/ benefit threshold. This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only pro- pose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a lightweight, end-to-end binding between path and service, which is then used as a basis to associate fur- ther attributes and mechanisms to this binding. As a result, both DoS defence and QoS can be achieved with stateless routers and only with prior consent of receiving the end sys- tems, short, achieving several of the IntServ advantages in a DiffServ-style system, i.e., avoiding per-connection state.

BibTeX (Download)

@inproceedings{Waldvogel2007Light-weight,
title = {Light-weight End-to-End QoS as DoS Prevention},
author = {Marcel Waldvogel and Tobias Köck},
url = {https://netfuture.ch/wp-content/uploads/2006/waldvogel06light-weight.pdf},
year  = {2007},
date = {2007-09-01},
booktitle = {Proceedings of IEEE LCN 2007},
abstract = {Despite decades of QoS research and many years of DoS defence work, neither group of proponents have been able to get their results included into mainstream Internet service. It seems that demand for either solution exists, but individually, they seem to be just below the cost/ benefit threshold. This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only pro- pose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a lightweight, end-to-end binding between path and service, which is then used as a basis to associate fur- ther attributes and mechanisms to this binding. As a result, both DoS defence and QoS can be achieved with stateless routers and only with prior consent of receiving the end sys- tems, short, achieving several of the IntServ advantages in a DiffServ-style system, i.e., avoiding per-connection state.},
keywords = {Denial of Service, Quality of Service, Security},
pubstate = {published},
tppubtype = {inproceedings}
}

Schreibe einen Kommentar