Rob Sherwood Bobby Bhattacharjee Ryan Braud. University of Maryland. Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.
|
|
- Lindsay Park
- 5 years ago
- Views:
Transcription
1 Rob Sherwood Bobby Bhattacharjee Ryan Braud University of Maryland UCSD Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.1
2 Sender Receiver Sender transmits packet 1:1461 Time Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.2
3 Sender Receiver Sender transmits packet Receiver ACKs Time 1:1461 ack 1461 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.2
4 Sender Receiver Sender transmits packet Receiver ACKs Congestion window grows as long as ACKs continue Time 1:1461 ack : :4381 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.2
5 Sender Receiver Sender transmits packet Receiver ACKs Congestion window grows as long as ACKs continue ACKs are cumulative Time 1:1461 ack : :4381 ack 4381 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.2
6 From ACKs, sender infers: Packet Loss Sender Receiver 1:1461 Time ack : :4381 ack 4381 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.3
7 From ACKs, sender infers: Packet Loss When to send Data is buffered Time Sender 1:1461 ack :2921 Receiver 2921:4381 ack 4381 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.3
8 From ACKs, sender infers: Packet Loss When to send Data is buffered How much to send ACKs increase cwnd Time Sender 1:1461 ack : :4381 ack 4381 Receiver Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.3
9 From ACKs, sender infers: Packet Loss When to send Data is buffered How much to send ACKs increase cwnd When to time out RTT estimation Time Sender 1:1461 ack : :4381 ack 4381 Receiver Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.3
10 From ACKs, sender infers: Packet Loss When to send Data is buffered How much to send ACKs increase cwnd When to time out RTT estimation Time Sender 1:1461 ack : :4381 ack 4381 Receiver Assumes honest feedback Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.3
11 From ACKs, sender infers: Packet Loss When to send Data is buffered How much to send ACKs increase cwnd When to time out RTT estimation Time Sender 1:1461 ack : :4381 ack 4381 Receiver What if receiver is malicious? Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.3
12 Sender Receiver Misbehaving receiver can send optimistic ACKs for packets before they are received Faster performance [Savage99] Time 1:1461 ack 1461 OptAck Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.4
13 Sender (Victim) Attacker 1:1461 Malicious receiver can ACK data that is never received Force sender to congest the network (DoS) Time ack 1461 ack 4381 ack 8761 ack ack ack ack Dropped Packets Saturated Link Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.4
14 Measure of DoS severity traffic generated Amplification = traffic sent Flooding : x1 Spoofed DNS: x4-x10 Smurf (broadcast ping): x255 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.5
15 Measure of DoS severity traffic generated Amplification = traffic sent Flooding : x1 Spoofed DNS: x4-x10 Smurf (broadcast ping): x255 OptAck: x1683 With window scaling: x Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.5
16 Contributions Discuss attack and amplification Implementation techniques Simulated and real world experiments Solution: randomly skipped segments Validate efficiency of implementation Conclusions Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.6
17 Servers Attacker "Get" Requests Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.7
18 OptAcks Incoming Data Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.7
19 Victim B Victim A DoS on Congested Link Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.7
20 Network Wide DoS Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.7
21 traffic generated traffic sent Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
22 # packets packet size 1 ACK OptAck: Send 1 ACK Get entire window of packets Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
23 cwnd mss (40 + mss) 40 cwnd: Size of window mss: Packet payload size 40 bytes: TCP header size Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
24 cwnd [ 1 mss + 1 ] 40 Typical: cwnd=2 16, mss=1460 x1683 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
25 cwnd [ 1 mss + 1 ] 40 Typical: cwnd=2 16, mss=1460 x1683 [RFC1323] cwnd= wscale wscale=14 cwnd=2 30 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
26 cwnd [ 1 mss + 1 ] 40 Typical: cwnd=2 16, mss=1460 x1683 [RFC1323] cwnd= wscale wscale=14 cwnd=2 30 Smaller mss more amplification Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
27 cwnd [ 1 mss + 1 ] 40 Typical: cwnd=2 16, mss=1460 x1683 [RFC1323] cwnd= wscale wscale=14 cwnd=2 30 Smaller mss more amplification wscale=14, mss=88 x Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.8
28 Target CDN s and P2P File transfer nodes Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
29 Target CDN s and P2P File transfer nodes Use zombies to attack the Internet s core Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
30 Target CDN s and P2P File transfer nodes Use zombies to attack the Internet s core Botnets of 100k+ nodes exist [HONEYNET04] Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
31 Target CDN s and P2P File transfer nodes Use zombies to attack the Internet s core Botnets of 100k+ nodes exist [HONEYNET04] How much traffic before collapse? Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
32 Target CDN s and P2P File transfer nodes Use zombies to attack the Internet s core Botnets of 100k+ nodes exist [HONEYNET04] How much traffic before collapse? Open problem Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
33 Target CDN s and P2P File transfer nodes Use zombies to attack the Internet s core Botnets of 100k+ nodes exist [HONEYNET04] How much traffic before collapse? Open problem Data point: Slammer worm generated 31GB/s at peak [CAIDA03] Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
34 Target CDN s and P2P File transfer nodes Use zombies to attack the Internet s core Botnets of 100k+ nodes exist [HONEYNET04] How much traffic before collapse? Open problem Data point: Slammer worm generated 31GB/s at peak [CAIDA03] Equal to traffic generated by 5 OptAck attackers on T3s, wscale=0, mss=1460 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.9
35 Is attack practical? How vulnerable are deployed TCP Stacks? Discovered effective solution We implement the attack approx lines of code Main challenge: ACK overruns Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.10
36 Attacker becomes unsynchronized Sender (Victim) Attacker ack Time 14601: : : :20441 OS Delay Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
37 Attacker becomes unsynchronized Sender (Victim) Attacker ack Time 14601: : : :20441 OS Delay ack ACK Arrives Early 20441:21901 Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
38 Attacker becomes unsynchronized Sender (Victim) Attacker ack Time 14601: : : :20441 OS Delay ack ACK Arrives Early 20441: :16061 Retransmit after RTO Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
39 Attacker becomes unsynchronized Sender (Victim) Attacker ack Time 14601: : : :20441 OS Delay ack ACK Arrives Early 20441: :16061 ack Retransmit after RTO Attacker Continues Blindly Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
40 Attacker becomes unsynchronized Causes of Overrun Server delay ACK compression Dropped ACKs Time OS Delay Sender (Victim) ack : : : :20441 ack :21901 Attacker ACK Arrives Early 14601:16061 Retransmit after RTO ack Attacker Continues Blindly Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
41 Attacker becomes unsynchronized Causes of Overrun Server delay ACK compression Dropped ACKs [RFC793] says ignore overrun ACKs DoS otherwise Time OS Delay Retransmit after RTO Sender (Victim) ack : : : :20441 ack : :16061 ack Attacker Continues Blindly Attacker ACK Arrives Early Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
42 Attacker becomes unsynchronized Causes of Overrun Server delay ACK compression Dropped ACKs [RFC793] says ignore overrun ACKs DoS otherwise Overrun avoidance and recovery Time OS Delay Retransmit after RTO Sender (Victim) ack : : : :20441 ack : :16061 ack Attacker Continues Blindly Attacker ACK Arrives Early Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.11
43 Server delays are short (typically <50ms) Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.12
44 Server delays are short (typically <50ms) Attacker should target more servers Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.12
45 Server delays are short (typically <50ms) Attacker should target more servers Don t ACK whole window ACK 1 2 cwnd, twice as often Thwarts ACK compression, dropped ACKs Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.12
46 Server delays are short (typically <50ms) Attacker should target more servers Don t ACK whole window ACK 1 2 cwnd, twice as often Thwarts ACK compression, dropped ACKs Don t exceed local attack bandwidth Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.12
47 Server delays are short (typically <50ms) Attacker should target more servers Don t ACK whole window ACK 1 2 cwnd, twice as often Thwarts ACK compression, dropped ACKs Don t exceed local attack bandwidth Recovery details in paper Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.12
48 OptAcks Experiment: How much traffic does OptAck generate? Incoming Data Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.13
49 Connections: 1 Attacker: 1.5Mbps Victims: 100Mbps Parameters: wscale=4 mss=1460 GigaBytes/s (log scale) Victims 128 Victims 64 Victims 32 Victims 16 Victims 8 Victims 4 Victims 2 Victims 1 Victim 512 Victims Seconds Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.14
50 Connections: 10 1 Attacker: 1.5Mbps Victims: 100Mbps Max traffic: 99.9% of predicted Conclusion: Model is accurate GigaBytes/second (log scale) mss=1460,wscale=4 mss=88,wscale=0 mss=1460,wscale= Number of 100Mbps Victims Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.14
51 1 Attacker on LAN w/ 1 victim wscale=0, mss=1460 No multi-victim overrun avoidance Amplification Factor Linux OS X Solaris 5.8 WinXP Victim OS - Single Victim Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.15
52 1 Attacker on LAN w/ 1 victim wscale=0, mss=1460 Conclusion: Works on deployed TCP stacks Amplification Factor Linux OS X Solaris 5.8 Victim OS - Single Victim WinXP Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.15
53 How to defend against OptAck? Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.16
54 How to defend against OptAck? Nonce Receiver modification; not deployable Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.16
55 How to defend against OptAck? Nonce Receiver modification; not deployable Rate limiting Target more servers; use more attackers Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.16
56 How to defend against OptAck? Nonce Receiver modification; not deployable Rate limiting Target more servers; use more attackers RST on overrun ACK Trivial DoS Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.16
57 How to defend against OptAck? Nonce Receiver modification; not deployable Rate limiting Target more servers; use more attackers RST on overrun ACK Trivial DoS Network Policing Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.16
58 How to defend against OptAck? Nonce Receiver modification; not deployable Rate limiting Target more servers; use more attackers RST on overrun ACK Trivial DoS Network Policing Insight: attacker cannot tell where in the network a packet is dropped Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.16
59 Sender should randomly, periodically, skip sending a data segment Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.17
60 Sender should randomly, periodically, skip sending a data segment Good receiver sends duplicate ACKs; fast retransmit skipped segment Malicious receiver ACKs the hole; RST connection Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.17
61 Sender should randomly, periodically, skip sending a data segment Good receiver sends duplicate ACKs; fast retransmit skipped segment Malicious receiver ACKs the hole; RST connection Cost: Transmission rate unchanged Application receives data 1 RTT later Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.17
62 Sender should randomly, periodically, skip sending a data segment Good receiver sends duplicate ACKs; fast retransmit skipped segment Malicious receiver ACKs the hole; RST connection Cost: Transmission rate unchanged Application receives data 1 RTT later Sender only modification: deployable Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.17
63 Sender should not back off Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.18
64 Sender should not back off Cost of RNG too high per packet Init counter randomly from [low,high] Decrement counter with each segment counter==0 skip segment re init counter randomly Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.18
65 Sender should not back off Cost of RNG too high per packet Init counter randomly from [low,high] Decrement counter with each segment counter==0 skip segment re init counter randomly TCP optimized to recover from packet loss Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.18
66 Sender should not back off Cost of RNG too high per packet Init counter randomly from [low,high] Decrement counter with each segment counter==0 skip segment re init counter randomly TCP optimized to recover from packet loss Linux implementation: 30 lines of code 5 bytes per connection Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.18
67 Download 100MB file No attack % Confidence Interval Vary skip rate Percent Overhead Average None Skip Skip Skip Segments Skipped Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.19
68 Download 100MB file % Confidence Interval No attack Vary skip rate Conclusion: Overhead is trivial < 0.1% Percent Overhead None Skip Average Skip Segments Skipped Skip Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.19
69 [Savage99] TCP Congestion Control with a Misbehaving Receiver. Stefan Savage, Neal Cardwell, David Wetherall, and Tom Anderson. CCR Original optimistic acknowledgment Defense requires receiver side modifications - inhibits deployment Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.20
70 [Azcorra04] (Expired) Draft RFC: DoS vulnerability of TCP by acknowledging not received segments. A. Azcorra, C. Bernardos, and I. Soto. draft-azcorra-tcpm-tcp-blind-ack-dos-01 Proposed solutions already discussed in paper Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.21
71 [CAIDA03]: Inside the Slammer Worm: David Moore, Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford, Nicholas Weaver. [HONEYNET04]: Know your Enemy: Tracking Botnets. The Honeynet Project Research Alliance. Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.22
72 OptAck attack is dangerous: x1683 x w/ wscaling Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.23
73 OptAck attack is dangerous: x1683 x w/ wscaling Deployed TCP Stacks are vulnerable Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.23
74 OptAck attack is dangerous: x1683 x w/ wscaling Deployed TCP Stacks are vulnerable Skipped segments solution: performs efficiently requires sender only deployment Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.23
75 OptAck attack is dangerous: x1683 x w/ wscaling Deployed TCP Stacks are vulnerable Skipped segments solution: performs efficiently requires sender only deployment Future work: DETER? Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.23
76 OptAck attack is dangerous: x1683 x w/ wscaling Deployed TCP Stacks are vulnerable Skipped segments solution: performs efficiently requires sender only deployment Future work: DETER? Questions? This talk was written in L A T E X with Prosper: Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.23
77 bandwidth caps just use more victims or more attackers nonces non-cumulative nonces are not robust cumulative nonces require client deployment ACK alignment/timestamps requires CPU for strong random numbers timestamps are optional not robust to lazy attack Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.24
78 In network support not currently deployed Random Pauses inefficient segment reordering allows false positives from network reordering, dropped ACKs no performance penalty Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse p.25
Networking from an OS Perspective
Networking from an OS Perspective CS6410 Lecture 12 Robert Escriva Cornell CS 6410, October 7, 2010 1 2 TCP Congestion Control with a Misbehaving Receiver Van Jacobson Known for his work on the TCP/IP
More informationTCP Congestion Control With a Misbehaving Receiver
TCP Congestion Control With a Misbehaving Receiver Stefan Savage, Neal Cardwell, David Wetherall and Tom Anderson - Pavan Kumar Panjam Congestion Control Congestion is a situation in Communication Networks
More informationCS268: Beyond TCP Congestion Control
TCP Problems CS68: Beyond TCP Congestion Control Ion Stoica February 9, 004 When TCP congestion control was originally designed in 1988: - Key applications: FTP, E-mail - Maximum link bandwidth: 10Mb/s
More informationIncrementally Deployable Prevention to TCP Attack with Misbehaving Receivers
Incrementally Deployable Prevention to TCP Attack with Misbehaving Receivers Kun Gao and Chengwen Chris Wang kgao, chengwen @cs.cmu.edu Computer Science Department Carnegie Mellon University December 15,
More informationNetwork Working Group. Category: Experimental February TCP Congestion Control with Appropriate Byte Counting (ABC)
Network Working Group M. Allman Request for Comments: 3465 BBN/NASA GRC Category: Experimental February 2003 TCP Congestion Control with Appropriate Byte Counting (ABC) Status of this Memo This memo defines
More informationExploiting the Congestion Control Behavior of the Transmission Control Protocol
2009 Fourth Balkan Conference in Informatics Exploiting the Congestion Control Behavior of the Transmission Control Protocol Stefanos Harhalakis Department of Informatics TEI of Thessaloniki Thessaloniki,
More informationDENIAL OF SERVICE ATTACKS
DENIAL OF SERVICE ATTACKS Ezell Frazier EIS 4316 November 6, 2016 Contents 7.1 Denial of Service... 2 7.2 Targets of DoS attacks... 2 7.3 Purpose of flood attacks... 2 7.4 Packets used during flood attacks...
More informationProblem 7. Problem 8. Problem 9
Problem 7 To best answer this question, consider why we needed sequence numbers in the first place. We saw that the sender needs sequence numbers so that the receiver can tell if a data packet is a duplicate
More informationTCP Performance. EE 122: Intro to Communication Networks. Fall 2006 (MW 4-5:30 in Donner 155) Vern Paxson TAs: Dilip Antony Joseph and Sukun Kim
TCP Performance EE 122: Intro to Communication Networks Fall 2006 (MW 4-5:30 in Donner 155) Vern Paxson TAs: Dilip Antony Joseph and Sukun Kim http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks
More informationimage 3.8 KB Figure 1.6: Example Web Page
image. KB image 1 KB Figure 1.: Example Web Page and is buffered at a router, it must wait for all previously queued packets to be transmitted first. The longer the queue (i.e., the more packets in the
More informationTCP so far Computer Networking Outline. How Was TCP Able to Evolve
TCP so far 15-441 15-441 Computer Networking 15-641 Lecture 14: TCP Performance & Future Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Reliable byte stream protocol Connection establishments
More informationInternet Networking recitation #10 TCP New Reno Vs. Reno
recitation #0 TCP New Reno Vs. Reno Spring Semester 200, Dept. of Computer Science, Technion 2 Introduction Packet Loss Management TCP Reno (RFC 258) can manage a loss of at most one packet from a single
More informationCSCI-1680 Transport Layer III Congestion Control Strikes Back Rodrigo Fonseca
CSCI-1680 Transport Layer III Congestion Control Strikes Back Rodrigo Fonseca Based partly on lecture notes by David Mazières, Phil Levis, John Jannotti, Ion Stoica Last Time Flow Control Congestion Control
More informationOverview. TCP & router queuing Computer Networking. TCP details. Workloads. TCP Performance. TCP Performance. Lecture 10 TCP & Routers
Overview 15-441 Computer Networking TCP & router queuing Lecture 10 TCP & Routers TCP details Workloads Lecture 10: 09-30-2002 2 TCP Performance TCP Performance Can TCP saturate a link? Congestion control
More informationUNIT IV -- TRANSPORT LAYER
UNIT IV -- TRANSPORT LAYER TABLE OF CONTENTS 4.1. Transport layer. 02 4.2. Reliable delivery service. 03 4.3. Congestion control. 05 4.4. Connection establishment.. 07 4.5. Flow control 09 4.6. Transmission
More informationYour projected and optimistically projected grades should be in the grade center soon o Projected: Your current weighted score /30 * 100
You should worry if you are below this point Your projected and optimistically projected grades should be in the grade center soon o Projected: Your current weighted score /0 * 100 o Optimistic: (Your
More informationFast Retransmit. Problem: coarsegrain. timeouts lead to idle periods Fast retransmit: use duplicate ACKs to trigger retransmission
Fast Retransmit Problem: coarsegrain TCP timeouts lead to idle periods Fast retransmit: use duplicate ACKs to trigger retransmission Packet 1 Packet 2 Packet 3 Packet 4 Packet 5 Packet 6 Sender Receiver
More informationTCP Congestion Control
TCP Congestion Control What is Congestion The number of packets transmitted on the network is greater than the capacity of the network Causes router buffers (finite size) to fill up packets start getting
More informationTCP Congestion Control
What is Congestion TCP Congestion Control The number of packets transmitted on the network is greater than the capacity of the network Causes router buffers (finite size) to fill up packets start getting
More informationOutline Computer Networking. TCP slow start. TCP modeling. TCP details AIMD. Congestion Avoidance. Lecture 18 TCP Performance Peter Steenkiste
Outline 15-441 Computer Networking Lecture 18 TCP Performance Peter Steenkiste Fall 2010 www.cs.cmu.edu/~prs/15-441-f10 TCP congestion avoidance TCP slow start TCP modeling TCP details 2 AIMD Distributed,
More informationReliable Transport II: TCP and Congestion Control
Reliable Transport II: TCP and Congestion Control Stefano Vissicchio UCL Computer Science COMP0023 Recap: Last Lecture Transport Concepts Layering context Transport goals Transport mechanisms and design
More informationTransport layer. UDP: User Datagram Protocol [RFC 768] Review principles: Instantiation in the Internet UDP TCP
Transport layer Review principles: Reliable data transfer Flow control Congestion control Instantiation in the Internet UDP TCP 1 UDP: User Datagram Protocol [RFC 768] No frills, bare bones Internet transport
More informationTransport layer. Review principles: Instantiation in the Internet UDP TCP. Reliable data transfer Flow control Congestion control
Transport layer Review principles: Reliable data transfer Flow control Congestion control Instantiation in the Internet UDP TCP 1 UDP: User Datagram Protocol [RFC 768] No frills, bare bones Internet transport
More informationECE 435 Network Engineering Lecture 10
ECE 435 Network Engineering Lecture 10 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 28 September 2017 Announcements HW#4 was due HW#5 will be posted. midterm/fall break You
More informationCongestion Control In The Internet Part 2: How it is implemented in TCP. JY Le Boudec 2014
1 Congestion Control In The Internet Part 2: How it is implemented in TCP JY Le Boudec 2014 Contents 1. Congestion control in TCP 2. The fairness of TCP 3. The loss throughput formula 4. Explicit Congestion
More informationAn Extension to the Selective Acknowledgement (SACK) Option for TCP
Network Working Group Request for Comments: 2883 Category: Standards Track S. Floyd ACIRI J. Mahdavi Novell M. Mathis Pittsburgh Supercomputing Center M. Podolsky UC Berkeley July 2000 An Extension to
More informationThe Transport Layer Congestion control in TCP
CPSC 360 Network Programming The Transport Layer Congestion control in TCP Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu http://www.cs.clemson.edu/~mweigle/courses/cpsc360
More informationEXPERIENCES EVALUATING DCTCP. Lawrence Brakmo, Boris Burkov, Greg Leclercq and Murat Mugan Facebook
EXPERIENCES EVALUATING DCTCP Lawrence Brakmo, Boris Burkov, Greg Leclercq and Murat Mugan Facebook INTRODUCTION Standard TCP congestion control, which only reacts to packet losses has many problems Can
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationCongestion Control In The Internet Part 2: How it is implemented in TCP. JY Le Boudec 2014
1 Congestion Control In The Internet Part 2: How it is implemented in TCP JY Le Boudec 2014 Contents 1. Congestion control in TCP 2. The fairness of TCP 3. The loss throughput formula 4. Explicit Congestion
More informationCongestion Control In The Internet Part 2: How it is implemented in TCP. JY Le Boudec 2015
1 Congestion Control In The Internet Part 2: How it is implemented in TCP JY Le Boudec 2015 Contents 1. Congestion control in TCP 2. The fairness of TCP 3. The loss throughput formula 4. Explicit Congestion
More informationPage 1. Review: Internet Protocol Stack. Transport Layer Services. Design Issue EEC173B/ECS152C. Review: TCP
EEC7B/ECS5C Review: Internet Protocol Stack Review: TCP Application Telnet FTP HTTP Transport Network Link Physical bits on wire TCP LAN IP UDP Packet radio Transport Layer Services Design Issue Underlying
More informationTransmission Control Protocol. ITS 413 Internet Technologies and Applications
Transmission Control Protocol ITS 413 Internet Technologies and Applications Contents Overview of TCP (Review) TCP and Congestion Control The Causes of Congestion Approaches to Congestion Control TCP Congestion
More informationPage 1. Review: Internet Protocol Stack. Transport Layer Services EEC173B/ECS152C. Review: TCP. Transport Layer: Connectionless Service
EEC7B/ECS5C Review: Internet Protocol Stack Review: TCP Application Telnet FTP HTTP Transport Network Link Physical bits on wire TCP LAN IP UDP Packet radio Do you remember the various mechanisms we have
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationOverview. TCP congestion control Computer Networking. TCP modern loss recovery. TCP modeling. TCP Congestion Control AIMD
Overview 15-441 Computer Networking Lecture 9 More TCP & Congestion Control TCP congestion control TCP modern loss recovery TCP modeling Lecture 9: 09-25-2002 2 TCP Congestion Control Changes to TCP motivated
More informationfile:///c:/users/hpguo/dropbox/website/teaching/fall 2017/CS4470/H...
1 of 9 11/26/2017, 11:28 AM Homework 3 solutions 1. A window holds bytes 2001 to 5000. The next byte to be sent is 3001. Draw a figure to show the situation of the window after the following two events:
More informationBandwidth Allocation & TCP
Bandwidth Allocation & TCP The Transport Layer Focus Application Presentation How do we share bandwidth? Session Topics Transport Network Congestion control & fairness Data Link TCP Additive Increase/Multiplicative
More informationPractice Problems: P22, 23, P24, P25, P26, P27, P28, P29, P30, P32, P44 and P45. Hand-in the following: P27, P28, P32, P37, P44
Practice Problems: P, 3, P4, P5, P6, P7, P8, P9, P30, P3, P44 and P45. Hand-in the following: P7, P8, P3, P37, P44 Chapter-3 Assigned/ Practice - Problems Problem a) Here we have a window size of N=3.
More informationABSTRACT. Rob Sherwood, Doctor of Philosophy, Assistant Professor Neil Spring Department of Computer Science
ABSTRACT Title of Dissertation: Discovering and Securing Shared Resources on the Internet Rob Sherwood, Doctor of Philosophy, 2008 Dissertation directed by: Associate Professor Samrat Bhattacharjee and
More informationRobust TCP Stream Reassembly In the Presence of Adversaries
Robust TCP Stream Reassembly In the Presence of Adversaries Sarang Dharmapurikar and Vern Paxson Washington Univ. UC Berkeley Usenix Security 2005 Presented by N. Sertac Artan Motivation TCP Reassembly
More informationCongestion Control. Brighten Godfrey CS 538 January Based in part on slides by Ion Stoica
Congestion Control Brighten Godfrey CS 538 January 31 2018 Based in part on slides by Ion Stoica Announcements A starting point: the sliding window protocol TCP flow control Make sure receiving end can
More informationCSE 473 Introduction to Computer Networks. Final Exam. Your name here: 12/17/2012
CSE 473 Introduction to Computer Networks Jon Turner Final Exam Your name here: 12/17/2012 1. (8 points). The figure below shows a network path connecting a server to a client. 200 km 2000 km 2 km X Y
More informationCS419: Computer Networks. Lecture 10, Part 3: Apr 13, 2005 Transport: TCP performance
: Computer Networks Lecture 10, Part 3: Apr 13, 2005 Transport: TCP performance TCP performance We ve seen how TCP the protocol works But there are a lot of tricks required to make it work well Indeed,
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationChapter 3 Review Questions
Chapter 3 Review Questions. 2. 3. Source port number 6 and destination port number 37. 4. TCP s congestion control can throttle an application s sending rate at times of congestion. Designers of applications
More informationTCP. CSU CS557, Spring 2018 Instructor: Lorenzo De Carli (Slides by Christos Papadopoulos, remixed by Lorenzo De Carli)
TCP CSU CS557, Spring 2018 Instructor: Lorenzo De Carli (Slides by Christos Papadopoulos, remixed by Lorenzo De Carli) 1 Sources Fall and Stevens, TCP/IP Illustrated Vol. 1, 2nd edition Congestion Avoidance
More informationTCP congestion control:
TCP congestion control: Probing for usable bandwidth: Ideally: transmit as fast as possible (cwnd as large as possible) without loss Increase cwnd until loss (congestion) Loss: decrease cwnd, then begin
More informationCSE 473 Introduction to Computer Networks. Midterm Exam Review
CSE 473 Introduction to Computer Networks Midterm Exam Review John DeHart 10/12/2015 1. (10 points). A user in Chicago, connected to the internet via a 100 Mb/s (b=bits) connection retrieves a 250 KB (B=bytes)
More informationTransport Over IP. CSCI 690 Michael Hutt New York Institute of Technology
Transport Over IP CSCI 690 Michael Hutt New York Institute of Technology Transport Over IP What is a transport protocol? Choosing to use a transport protocol Ports and Addresses Datagrams UDP What is a
More informationLast lecture we talked about how Intrusion Detection works. Today we will talk about the attacks. Intrusion Detection. Shell code
4/25/2006 Lecture Notes: DOS Beili Wang Last lecture we talked about how Intrusion Detection works. Today we will talk about the attacks. Intrusion Detection Aps Monitor OS Internet Shell code Model In
More informationII. Principles of Computer Communications Network and Transport Layer
II. Principles of Computer Communications Network and Transport Layer A. Internet Protocol (IP) IPv4 Header An IP datagram consists of a header part and a text part. The header has a 20-byte fixed part
More informationEECS 122, Lecture 19. Reliable Delivery. An Example. Improving over Stop & Wait. Picture of Go-back-n/Sliding Window. Send Window Maintenance
EECS 122, Lecture 19 Today s Topics: More on Reliable Delivery Round-Trip Timing Flow Control Intro to Congestion Control Kevin Fall, kfall@cs cs.berkeley.eduedu Reliable Delivery Stop and Wait simple
More informationMaking TCP more Robust against Packet Reordering
Making TCP more Robust against Packet Reordering Alexander Zimmermann Lennart Schulte TCPM, IETF-9, Honolulu, HI, USA November, 24 TCPM s feedback
More informationCS132/EECS148 - Instructor: Karim El Defrawy Midterm Spring 2013 Time: 1hour May 2nd, 2013
CS132/EECS148 - Instructor: Karim El Defrawy Midterm Spring 2013 : 1hour May 2nd, 2013 Total Points: 25 Attempt all problems. Problem #1: (5 points, ½ point each) Choose only one answer. You will not receive
More informationThe Case for Informed Transport Protocols
The Case for Informed Transport Protocols Stefan Savage Neal Cardwell Tom Anderson University of Washington Our position Wide-area network performance: is important is limited by inefficient congestion
More informationTBIT: TCP Behavior Inference Tool
TBIT: TCP Behavior Inference Tool Jitendra Padhye Sally Floyd AT&T Center for Internet Research at ICSI (ACIRI) http://www.aciri.org/tbit/ 1 of 24 Outline of talk Motivation Description of the tool Results
More information8. TCP Congestion Control
8. TCP Congestion Control 1 TCP Congestion Control Slow-start increase Multiplicative decrease Congestion avoidance Measurement of variation Exponential timer backoff 2002 Yanghee Choi 2 Congestion Control
More informationAnswers to Sample Questions on Transport Layer
Answers to Sample Questions on Transport Layer 1) Which protocol Go-Back-N or Selective-Repeat - makes more efficient use of network bandwidth? Why? Answer: Selective repeat makes more efficient use of
More informationDualRTT: Enhancing TCP Performance During Delay Spikes
DualRTT: Enhancing TCP Performance During Delay Spikes Ph.D. School of Computer Science University of Oklahoma. Email: atiq@ieee.org Web: www.cs.ou.edu/~atiq Presentation at Tohoku University, Sendai,
More informationCS321: Computer Networks Congestion Control in TCP
CS321: Computer Networks Congestion Control in TCP Dr. Manas Khatua Assistant Professor Dept. of CSE IIT Jodhpur E-mail: manaskhatua@iitj.ac.in Causes and Cost of Congestion Scenario-1: Two Senders, a
More informationComputer Networks and Data Systems
Computer Networks and Data Systems Transport Layer TDC463 Winter 2011/12 John Kristoff - DePaul University 1 Why a transport layer? IP gives us end-to-end connectivity doesn't it? Why, or why not, more
More informationVery Fast Containment of Scanning Worms. Nicholas Weaver, Stuart Staniford, Vern Paxson ICSI, Nevis Networks, ICSI & LBNL
Very Fast Containment of Scanning Worms Nicholas Weaver, Stuart Staniford, Vern Paxson ICSI, Nevis Networks, ICSI & LBNL 1 Outline Worm Containment Scan Suppression Hardware Implementation Cooperation
More informationUser Datagram Protocol (UDP):
SFWR 4C03: Computer Networks and Computer Security Feb 2-5 2004 Lecturer: Kartik Krishnan Lectures 13-15 User Datagram Protocol (UDP): UDP is a connectionless transport layer protocol: each output operation
More informationTCP Congestion Control
6.033, Spring 2014 TCP Congestion Control Dina Katabi & Sam Madden nms.csail.mit.edu/~dina Sharing the Internet How do you manage resources in a huge system like the Internet, where users with different
More informationCS Transport. Outline. Window Flow Control. Window Flow Control
CS 54 Outline indow Flow Control (Very brief) Review of TCP TCP throughput modeling TCP variants/enhancements Transport Dr. Chan Mun Choon School of Computing, National University of Singapore Oct 6, 005
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Transport Layer Connection Oriented Transport: TCP Sec 3.5 Prof. Lina Battestilli Fall 2017 Transport Layer Chapter 3 Outline 3.1 Transport-layer Services
More informationCS3600 SYSTEMS AND NETWORKS
CS3600 SYSTEMS AND NETWORKS NORTHEASTERN UNIVERSITY Lecture 24: Congestion Control Prof. Alan Mislove (amislove@ccs.neu.edu) Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica,
More informationTransport Layer Marcos Vieira
Transport Layer 2014 Marcos Vieira Transport Layer Transport protocols sit on top of network layer and provide Application-level multiplexing ( ports ) Error detection, reliability, etc. UDP User Datagram
More informationNetwork Protocols. Transmission Control Protocol (TCP) TDC375 Autumn 2009/10 John Kristoff DePaul University 1
Network Protocols Transmission Control Protocol (TCP) TDC375 Autumn 2009/10 John Kristoff DePaul University 1 IP review IP provides just enough connected ness Global addressing Hop by hop routing IP over
More informationComputer Communication Networks Midterm Review
Computer Communication Networks Midterm Review ICEN/ICSI 416 Fall 2018 Prof. Aveek Dutta 1 Instructions The exam is closed book, notes, computers, phones. You can use calculator, but not one from your
More informationCongestion / Flow Control in TCP
Congestion and Flow Control in 1 Flow Control and Congestion Control Flow control Sender avoids overflow of receiver buffer Congestion control All senders avoid overflow of intermediate network buffers
More informationCMSC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala. October 30, 2018
CMSC 417 Computer Networks Prof. Ashok K Agrawala 2018 Ashok Agrawala October 30, 2018 Message, Segment, Packet, and Frame host host HTTP HTTP message HTTP TCP TCP segment TCP router router IP IP packet
More informationTransport Layer PREPARED BY AHMED ABDEL-RAOUF
Transport Layer PREPARED BY AHMED ABDEL-RAOUF TCP Flow Control TCP Flow Control 32 bits source port # dest port # head len sequence number acknowledgement number not used U A P R S F checksum Receive window
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationF-RTO: An Enhanced Recovery Algorithm for TCP Retransmission Timeouts
F-RTO: An Enhanced Recovery Algorithm for TCP Retransmission Timeouts Pasi Sarolahti Nokia Research Center pasi.sarolahti@nokia.com Markku Kojo, Kimmo Raatikainen University of Helsinki Department of Computer
More informationSSFNET TCP Simulation Analysis by tcpanaly
SSFNET TCP Simulation Analysis by tcpanaly Hongbo Liu hongbol@winlabrutgersedu Apr 16, 2000 Abstract SSFNET is a collection of SSF-based models for simulating Internet protocols and networks It is designed
More information20: Networking (2) TCP Socket Buffers. Mark Handley. TCP Acks. TCP Data. Application. Application. Kernel. Kernel. Socket buffer.
20: Networking (2) Mark Handley TCP Socket Buffers Application Application Kernel write Kernel read Socket buffer Socket buffer DMA DMA NIC TCP Acks NIC TCP Data 1 TCP Socket Buffers Send-side Socket Buffer
More informationCSE/EE 461 Lecture 16 TCP Congestion Control. TCP Congestion Control
CSE/EE Lecture TCP Congestion Control Tom Anderson tom@cs.washington.edu Peterson, Chapter TCP Congestion Control Goal: efficiently and fairly allocate network bandwidth Robust RTT estimation Additive
More informationCS4700/CS5700 Fundamentals of Computer Networks
CS4700/CS5700 Fundamentals of Computer Networks Lecture 15: Congestion Control Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang Alan Mislove amislove at ccs.neu.edu
More informationImproving the Robustness of TCP to Non-Congestion Events
Improving the Robustness of TCP to Non-Congestion Events Presented by : Sally Floyd floyd@acm.org For the Authors: Sumitha Bhandarkar A. L. Narasimha Reddy {sumitha,reddy}@ee.tamu.edu Problem Statement
More informationCorrecting mistakes. TCP: Overview RFCs: 793, 1122, 1323, 2018, TCP seq. # s and ACKs. GBN in action. TCP segment structure
Correcting mistakes Go-back-N: big picture: sender can have up to N unacked packets in pipeline rcvr only sends cumulative acks doesn t ack packet if there s a gap sender has r for oldest unacked packet
More informationCongestion Control In The Internet Part 2: How it is implemented in TCP. JY Le Boudec 2015
Congestion Control In The Internet Part 2: How it is implemented in TCP JY Le Boudec 2015 1 Contents 1. Congestion control in TCP 2. The fairness of TCP 3. The loss throughput formula 4. Explicit Congestion
More informationTCP Roadmap 2.0. Alexander Zimmermann
TCP Roadmap 2.0 Alexander Zimmermann 1 Document history (1/4) draft-zimmermann-tcpm-tcp-rfc4614bis-00 No content-related updates Only xml code were updated à new boilerplate and new structure of reference
More informationUDP, TCP, IP multicast
UDP, TCP, IP multicast Dan Williams In this lecture UDP (user datagram protocol) Unreliable, packet-based TCP (transmission control protocol) Reliable, connection oriented, stream-based IP multicast Process-to-Process
More informationTopics. TCP sliding window protocol TCP PUSH flag TCP slow start Bulk data throughput
Topics TCP sliding window protocol TCP PUSH flag TCP slow start Bulk data throughput 2 Introduction In this chapter we will discuss TCP s form of flow control called a sliding window protocol It allows
More informationPreview Test: HW3. Test Information Description Due:Nov. 3
Preview Test: HW3 Test Information Description Due:Nov. 3 Instructions Multiple Attempts Not allowed. This test can only be taken once. Force Completion This test can be saved and resumed later. Question
More information9th Slide Set Computer Networks
Prof. Dr. Christian Baun 9th Slide Set Computer Networks Frankfurt University of Applied Sciences WS1718 1/49 9th Slide Set Computer Networks Prof. Dr. Christian Baun Frankfurt University of Applied Sciences
More informationCongestion Control. Daniel Zappala. CS 460 Computer Networking Brigham Young University
Congestion Control Daniel Zappala CS 460 Computer Networking Brigham Young University 2/25 Congestion Control how do you send as fast as possible, without overwhelming the network? challenges the fastest
More informationTCP Congestion Control 65KB W
TCP Congestion Control 65KB W TO 3DA 3DA TO 0.5 0.5 0.5 0.5 3 3 1 SS SS CA SS CA TCP s Congestion Window Maintenance TCP maintains a congestion window (cwnd), based on packets Sender s window is limited
More informationDoS Attacks. Network Traceback. The Ultimate Goal. The Ultimate Goal. Overview of Traceback Ideas. Easy to launch. Hard to trace.
DoS Attacks Network Traceback Eric Stone Easy to launch Hard to trace Zombie machines Fake header info The Ultimate Goal Stopping attacks at the source To stop an attack at its source, you need to know
More informationLecture 15: Transport Layer Congestion Control
Lecture 15: Transport Layer Congestion Control COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition: 1996-2016, J.F Kurose
More informationAn study of the concepts necessary to create, as well as the implementation of, a flexible data processing and reporting engine for large datasets.
An study of the concepts necessary to create, as well as the implementation of, a flexible data processing and reporting engine for large datasets. Ignus van Zyl 1 Statement of problem Network telescopes
More informationETSF05/ETSF10 Internet Protocols Transport Layer Protocols
ETSF05/ETSF10 Internet Protocols Transport Layer Protocols 2016 Jens Andersson Transport Layer Communication between applications Process-to-process delivery Client/server concept Local host Normally initialiser
More informationTHE TRANSPORT LAYER UNIT IV
THE TRANSPORT LAYER UNIT IV The Transport Layer: The Transport Service, Elements of Transport Protocols, Congestion Control,The internet transport protocols: UDP, TCP, Performance problems in computer
More informationLecture 3: The Transport Layer: UDP and TCP
Lecture 3: The Transport Layer: UDP and TCP Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4395 3-1 The Transport Layer Provides efficient and robust end-to-end
More informationTCP Performance Analysis Based on Packet Capture
TCP Performance Analysis Based on Packet Capture Stanislav Shalunov shalunov@internet2.edu 2003-02-05, E2E Performance Measurement Workshop, Miami Packet Capture TCP connection runs; some performance is
More informationReliable Transport I: Concepts and TCP Protocol
Reliable Transport I: Concepts and TCP Protocol Brad Karp UCL Computer Science CS 3035/GZ01 29 th October 2013 Part I: Transport Concepts Layering context Transport goals Transport mechanisms 2 Context:
More informationFall 2012: FCM 708 Bridge Foundation I
Fall 2012: FCM 708 Bridge Foundation I Prof. Shamik Sengupta Instructor s Website: http://jjcweb.jjay.cuny.edu/ssengupta/ Blackboard Website: https://bbhosted.cuny.edu/ Intro to Computer Networking Transport
More informationCS 356: Introduction to Computer Networks. Lecture 16: Transmission Control Protocol (TCP) Chap. 5.2, 6.3. Xiaowei Yang
CS 356: Introduction to Computer Networks Lecture 16: Transmission Control Protocol (TCP) Chap. 5.2, 6.3 Xiaowei Yang xwy@cs.duke.edu Overview TCP Connection management Flow control When to transmit a
More information