Internet Traffic Management: Security vs. Economics Sergey Gorinsky Developing the Science of Networks NPSec 2013, the 8th IEEE workshop on Secure Network Protocols Göttingen, Germany, 7 October 2013 www.networks.imdea.org

Preview Security vs. economics of Internet traffic How to deal with uncertainty in network protocols? Personal research retrospective (with ICNP anecdotes) Security against inflated multicast subscription RD network services Economics of traffic attraction Cooperative IP transit Attempts to generalize and conclude Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Prehistory (before Security and Economics) Performance is the king Internet traffic management needs to be improved! Obsession with perfection Optimal algorithms Scalability without a limit “Good enough is not good enough” Frustrations of perfectionism NP-complete problems Physical constants Researchers with alternative ideas Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Receiver-driven Layered Multicast (McCanne et al. 1996) 1 Mbps group Sender 3 Mbps group 1 Mbps receiver 1 Mbps receiver 4 Mbps receiver Idea: control congestion by the receivers subscribing to multicast groups in a multiple-group session Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

To Security (“I am a Control Freak”) Expecting others to follow my design Others doing things their own way? This would be less efficient This is a misbehavior This has to be secured against “My way or the highway” ICNP 1998 (Austin, Texas), Hui Zhang’s tutorial “Traffic Control and QoS Management in the Internet”: TCP, router mechanisms, IntServ (Integrated Services), DiffServ (Differentiated Services) Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Security against Inflated Subscription (Gorinsky et al. 2003) Updated key Idea: link the group access with the congestion status Packets Sender Receiver No updated key Receiver Receiver Updated key Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Security Mechanism Details (Gorinsky et al. 2003) Packets of group 4: 16 17 18 19 20 3 Packets of group 3: 11 12 13 14 15 2 Packets of group 2: 7 6 8 9 10 1 Packets of group 1: 1 2 3 4 5 Time slot Top key for each group g where is XOR, is a component in packet p of group j Each packet of group g carries a decrease key for group g-1 When an increase is authorized, the increase key is Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

How dangerous is the outside world? How common is this misbehavior? How strong is the need for solving the problem? Allan Borodin and Stephen Cook, University of Toronto, 2003 Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Network Service Differentiation 11/18/2018 IntServ performance guarantees for end-to-end flows end-to-end delay and throughput high complexity no end-to-end deployment DiffServ reduced complexity performance guarantees for classes of flows Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Towards Economics Others have the right to have a choice This is not an Internet. (© Magritte) ICNP 2007 (Beijing, China) panel discussion by NSF Others have the right to have a choice Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Internet of Multiple Stakeholders 11/18/2018 Internet of Multiple Stakeholders legacy user adopting user : legacy network : adopting network Networks (and users) with different economic interests Ineffective service differentiation under partial deployment No ability to charge differently for different services Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

RD Network Services (Podlesny and Gorinsky 2008) 11/18/2018 RD Network Services (Podlesny and Gorinsky 2008) RD router R queue output link D queue Differentiation with free choice between two services R (Rate) service of higher throughput D (Delay) service of lower delay Router implementation via link scheduling and buffer sizing Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

In Economics What others want? How much do they value it? How can I provide it? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Internet Traffic Value (Bangera and Gorinsky 2013) Sender traffic Receiver How valuable is traffic for transit networks? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Internet Traffic Value (Bangera and Gorinsky 2013) Sender traffic path announcement Receiver Can a network attract traffic to increase transit revenue? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Economics of Attraction (Bangera and Gorinsky 2013) Traffic attraction can substantially increase transit revenues pulls traffic up the transit hierarchy reduces peering traffic is effective despite countermeasures Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Reduction of Transit Costs Network interest in reducing its transit costs Solutions that reduce transit traffic Peering, multicast, content delivery networks, … (4) animations Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Tuangou of CIPT (Stanojevic, Castro, and Gorinsky 2011) Reduction of transit costs without altering traffic Economies of scale in transit pricing CIPT (Cooperative IP Transit) multiple ISPs jointly purchase transit in bulk Shapley value to share the savings $ $ (4) animations Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Individual Savings (Stanojevic, Castro, and Gorinsky 2011) Each CIPT network reduces its own transit cost Absolute savings grow with the network size Relative savings drop with the network size (1) animation Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

CIPT and the Internet (Castro, Stanojevic, and Gorinsky 2013) Reaction by transit providers CIPT as a new customer Bypass of the middleman Overall impact on the Internet ecosystem $ (4) animations Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Attempt to Conclude Be open to alternative ways Accept inefficiency Securing own design is fine Forcing my security on others is not Working with the environment, not against it Accept inefficiency My designs are not perfect and never will be Diversity is valuable in itself No “price of anarchy” blues Think globally, act locally Improve global traffic management via local improvements Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

Thanks! Maxim Podlesny Harrick Vin Yongguang Zhang Sugat Jain Rade Stanojevic Ignacio Castro Pradeep Bangera Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018

ICNP 2013 (Göttingen, Germany) What will we learn here? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November 201818 November 2018