Economic incentives to reduce "bad" traffic - PowerPoint PPT Presentation

1 / 9

About This Presentation

Title:

Economic incentives to reduce "bad" traffic

Description:

Dr. Carla Di Cairano-Gilfedder. British Telecom, Research ... If one used standard economic theory, the provisioning of DoS protection (as a public good) ... – PowerPoint PPT presentation

Number of Views:78

Avg rating:3.0/5.0

Slides: 10

Provided by: Mon6102

Category:

more less

Transcript and Presenter's Notes

Title: Economic incentives to reduce "bad" traffic

1
Economic incentives to reduce "bad" traffic

Dr. Carla Di Cairano-Gilfedder
British Telecom, Research Department
London, 13th Nov 06

Credits Bob Briscoe
2
Presentation outline

Denial-of-Service defence
Economic analyses of networked systems
- Models based on market forces
- Models based on game theoretic principles
DoS protection as a public good provision problem
Economic and incentive-based DDoS measures
DoS defence mechanisms- deployment incentives

3
Denial-of-Service defence
NB
NA
NC
Hardened ntwk
Victim
Attacker
Open ntwk
Hardened ntwk
1. Eliminate OS vulnerabilities difficult 2.
Internet should defend itself

Attack target Identify attacks near victim by
means of intrusion detection
- Does not stop congestion in network
Network routers Routers identify attacks and
instruct upstream routers to drop/limit malicious
flows
- Requires internet core routers to
cooperate and trust each other
Some solutions exist, based on economics,
that internalise externalities
Source Drop packets at source before they enter
the Internet
- Difficult to identify distributed attacks
as traffic is not aggregated
- Requires all edge routers cooperation

4
Economic analyses of networked information
systems - Models based on market forces
- Models based on Game theoretic principles

DDoS protection has characteristic of a public
good,
i.e. contribution to DDoS defence as
Private Provision of Public Good Problem
Absence of appropriate economic incentives may
lead to
under-provisioning or free-riding by
- users not investing in protecting
their computers from Botnet
- networks not investing in DDoS
protection measures
- OS vendors not investing enough for
design secure software

5
DoS protection as a public good provision problem

If one used standard economic theory, the
provisioning of DoS protection (as a public good)
- a one-shot Prisoners
Dilemma
- overall DoS protection
depends on sum of individual contributions
Free-riding is a cooperation failure which
leads to all parties worse off than if they had
cooperated
However sometimes parties do
cooperate in DoS protection
contrary to free-riding predicted by
theory
Alternative public good provisioning models can
re-consider assumptions made by standard theory
- perfect rationality of
parties involved
- public good provisioning
always modelled as Prisoners dilemma
- one-shot Prisoners
dilemma and not a repeated one (affected by
reputation and trust)
- overall DoS protection
dependent on sum of individual
contributions (protection
with ISP1 and ISP2 investing 1 each is different
protection with ISP1 and
ISP1 investing 2 and 0).

6
Re-Feedback BTs proposed approach for DoS
Market-based DDoS measures
Pricing to increase the cost of attacks - more
useful for interconnection charging than for
retail user - localise pain to the network
allowing pain to be caused - cooperation
might need to be enforced by throttles and
policers - SLA-type penalties for breaking
thresholds Limits of economic approaches value
of attack to attacker gtgt cost to attacker,
irrational attackers

Treats DoS for what it is extreme congestion
an externality
ISPs dont need to judge good/bad, can just
demand response to congestion
Designers dont mandate congestion response, each
ISP
decides according to the market
but ISP liable for externality if it does not act

S2
ND
NB
NA
NC
S1
R4
S3
Status IETF, Transport Area Working Group -
Internet Draft http//www.ietf.org/internet-drafts
/draft-briscoe-tsvwg-re-ecn-tcp-03.txt
7
DDoS Defence mechanisms Bootstrap and
complete adoption incentives