Light-weight End-to-End QoS as DoS Prevention


Marcel Waldvogel, Tobias Köck: Light-weight End-to-End QoS as DoS Prevention. In: Proceedings of IEEE LCN 2007, 2007.

Abstract

Despite decades of QoS research and many years of DoS defence work, neither group of proponents have been able to get their results included into mainstream Internet service. It seems that demand for either solution exists, but individually, they seem to be just below the cost/ benefit threshold. This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only pro- pose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a lightweight, end-to-end binding between path and service, which is then used as a basis to associate fur- ther attributes and mechanisms to this binding. As a result, both DoS defence and QoS can be achieved with stateless routers and only with prior consent of receiving the end sys- tems, short, achieving several of the IntServ advantages in a DiffServ-style system, i.e., avoiding per-connection state.

BibTeX (Download)

@inproceedings{Waldvogel2007Light-weight,
title = {Light-weight End-to-End QoS as DoS Prevention},
author = {Marcel Waldvogel and Tobias Köck},
url = {https://netfuture.ch/wp-content/uploads/2006/waldvogel06light-weight.pdf},
year  = {2007},
date = {2007-09-01},
urldate = {1000-01-01},
booktitle = {Proceedings of IEEE LCN 2007},
abstract = {Despite decades of QoS research and many years of DoS defence work, neither group of proponents have been able to get their results included into mainstream Internet service. It seems that demand for either solution exists, but individually, they seem to be just below the cost/ benefit threshold. This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only pro- pose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a lightweight, end-to-end binding between path and service, which is then used as a basis to associate fur- ther attributes and mechanisms to this binding. As a result, both DoS defence and QoS can be achieved with stateless routers and only with prior consent of receiving the end sys- tems, short, achieving several of the IntServ advantages in a DiffServ-style system, i.e., avoiding per-connection state.},
keywords = {Denial of Service, Quality of Service, Security},
pubstate = {published},
tppubtype = {inproceedings}
}

Let’s stay in touch!

Receive a mail whenever I publish a new post.

About 1-2 Mails per month, no Spam.

Follow me on the Fediverse

Web apps


Leave a Reply

Only people in my network can comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.