Part I: buffer sizes for core routers
ACM SIGCOMM Computer Communication Review
Part II: control theory for buffer sizing
ACM SIGCOMM Computer Communication Review
Update on buffer sizing in internet routers
ACM SIGCOMM Computer Communication Review
Low-rate TCP-targeted denial of service attacks and counter strategies
IEEE/ACM Transactions on Networking (TON)
Using Adaptive Bandwidth Allocation Approach to Defend DDoS Attacks
MUE '08 Proceedings of the 2008 International Conference on Multimedia and Ubiquitous Engineering
Experimental study of router buffer sizing
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Hi-index | 0.00 |
Recently, several papers have studied the possibility of shrinking buffer sizes in Internet core routers to just a few dozen packets under certain constraints. If proven right, these results can open doors to building all-optical routers, since a major bottleneck in building such routers is the lack of large optical memories. However, reducing buffer sizes might pose new security risks: it is much easier to fill up tiny buffers, and thus organizing Denial of Service (DoS) attacks seems easier in a network with tiny buffers. To the best of our knowledge, such risks have not been studied before; all the focus has been on performance issues such as throughput, drop rate, and flow completion times. In this paper, we study DoS attacks in the context of networks with tiny buffers.We show that even though it is easier to fill up tiny buffers, synchronizing flows is more difficult. Therefore to reduce the network throughput, the attacker needs to utilize attacks with high packet injection rates. Since such attacks are easily detected, we conclude that DoS attacks are in fact more difficult in networks with tiny buffers.