Overview of Pushback. - PowerPoint PPT Presentation

About This Presentation
Title:

Overview of Pushback.

Description:

Congestion Signature - Set of properties of the aggregate identified as causing problems. ... Congestion Signature. Pushback Response. Sends responses downstream. ... – PowerPoint PPT presentation

Number of Views:116
Avg rating:3.0/5.0
Slides: 11
Provided by: stude136
Learn more at: http://www.cs.sjsu.edu
Category:

less

Transcript and Presenter's Notes

Title: Overview of Pushback.


1
Pushback Remedy for DDoS attack
  • Introduction.
  • Overview of Pushback.
  • Architecture of router.
  • Pushback mechanism.
  • Conclusion.

2
Introduction
  • DDoS attacks Disturbance to the global
    internet.
  • How do DDoS attacks occur?
  • Congestion could be caused by flash crowds too.
  • Non malicious
  • www.Olympics.com during 2000 Sydney Olympics.
  • Victim can do nothing to protect itself.
  • Can anything be done inside the network to
    defend?

3
What is Pushback?
  • Pushback - Defense against DDoS.
  • A mechanism that allows a router to request
    adjacent upstream routers to limit the rate of
    traffic.
  • Concept - Aggregate congestion control (ACC).
  • Aggregate - Subset of traffic with identifiable
    property.
  • Congestion Signature - Set of properties of the
    aggregate identified as causing problems.

4
DDoS attack in progress
R1
R2
R3
R4
R5
R6
R7
R8
Red - Bad traffic Green - Good traffic
D
5
Partial view of a router
Input Queues
Match congestion Signature ?
Output Queues
N
D
Y
Rate Limiter
P
Update Congestion signature
Adjust Local ACC
D
Pushbackd
pushback
6
Dropped Packet Report
  • Is sent by the rate-limiter to the Pushback
    daemon.

Magic Number
IP Destination address
Input interface
Output interface
Timestamp
Packet size
Reason
7
How does the Pushback daemon identify an attack
and the victim?
  • Algorithm
  • Step1 If (wi gt 1.2 wo) then attack is in
    progress.
  • Step2 Dropped packets are grouped according to
    the longest matching prefix in the routing table.
  • Step3 The prefix with the highest number of
    dropped packets is the set to be used in step4.
  • Step4 The set in step3 is scanned to find the
    host to which most of the packets are destined
    to.
  • Step5 If (wi wb gt 1.2 wo) then repeat steps
    2 to 5.

8
Pushback Request
  • The Pushback daemon uses a pushback request to
    tell the upstream links about the prefix to
    rate-limit.
  • Pushback request is as shown below.

Congestion Signature
Bandwidth Limit
Expiration time
RLS-ID
Depth of Requesting Node
9
Pushback Response
  • Sends responses downstream.
  • The response is very similar to request as shown
    here.

Congestion Signature
Bandwidth Used
Time in effect
RLS-ID
Depth of Requesting Node
10
Conclusion
  • Conclusion
  • Successfully implemented in the lab under
    FreeBSD operating system.
  • Deployment becomes complex as it requires lot of
    resources.
  • Any Questions?
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Overview of Pushback." is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!