Presentation is loading. Please wait.

Presentation is loading. Please wait.

Malicious Overjoining in Multicast

Published bySimon Lamb Modified over 6 years ago

Similar presentations

Presentation on theme: "Malicious Overjoining in Multicast"— Presentation transcript:

1 Malicious Overjoining in Multicast
Problem and proposed solution draft-jholland-cb-assisted-cc Jake Holland, Akamai Technologies

2 Multicast with one Compromised Machine
The problem is that nothing stops receivers from joining any flow. By joining (well-behaved) senders’ non-responsive multicast channels, you can DoS receiver-side links. Attack capacity is max groups per receiver*count of compromised machines*highest bandwidths of reachable flows on the internet. By contrast with unicast, one cannot infer that failure of any flow to back off under persistent congestion is a non-bcp41-compliant sender, only that there exists at least one non-compliant receiver downstream. We believe this problem will prevent us from scaling up a multicast video delivery service, unless there is a solution that can preserve the safety of the receiving networks. 80%+ loss

3 Circuit Breaker Assisted Congestion Control
Main point: draft is intended as an attempt to implement the multicast circuit-breaker example from , with the egress in-network (not the endpoint receiver). Ultimately, a solution which is interoperable between domains seems necessary to safely deploy multicast. - potential problem: inter-domain explicit rate signaling is contraindicated: (does this require giving up on inter-domain multicast?) IRTF advice does not seem to rule out the concept of interdomain cooperative signaling, with ECN as a prominent example: Neither of those is normative. - on-path attacks discussed in the draft. (maybe more problematic is shared ipx links, which count as on-path in this context?) - note also: this assumes it’s better to cut off a flow entirely than to partially pass many flows degraded. This may not be true for everything. Notice oversubscribed links, prune or block flows. Send bandwidth advertisements + optional PIM population count for fair pruning decisions (RFC 6807, experimental)

Download ppt "Malicious Overjoining in Multicast"

Similar presentations

March 2010IETF 77, MPLS WG1 Carrying PIM-SM in ASM mode Trees over P2MP mLDP LSPs draft-rekhter-pim-sm-over-mldp-01.txt Y. Rekhter, Juniper Networks R.

March 2010IETF 77, MPLS WG1 Carrying PIM-SM in ASM mode Trees over P2MP mLDP LSPs draft-rekhter-pim-sm-over-mldp-01.txt Y. Rekhter, Juniper Networks R.
TCP--Revisited. Background How to effectively share the network? – Goal: Fairness and vague notion of equality Ideal: If N connections, each should get.

TCP--Revisited. Background How to effectively share the network? – Goal: Fairness and vague notion of equality Ideal: If N connections, each should get.
1 Specifying New Congestion Control Algorithms Sally Floyd and Mark Allman draft-floyd-cc-alt-00.txt November 2006 TSVWG Slides:

1 Specifying New Congestion Control Algorithms Sally Floyd and Mark Allman draft-floyd-cc-alt-00.txt November 2006 TSVWG Slides:
1 o Two issues in practice – Scale – Administrative autonomy o Autonomous system (AS) or region o Intra autonomous system routing protocol o Gateway routers.

1 o Two issues in practice – Scale – Administrative autonomy o Autonomous system (AS) or region o Intra autonomous system routing protocol o Gateway routers.
Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli University of Calif, Berkeley and Lawrence Berkeley National Laboratory SIGCOMM.

Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli University of Calif, Berkeley and Lawrence Berkeley National Laboratory SIGCOMM.
Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli SIGCOMM 1996.

Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli SIGCOMM 1996.
Source-Adaptive Multilayered Multicast Algorithms for Real- Time Video Distribution Brett J. Vickers, Celio Albuquerque, and Tatsuya Suda IEEE/ACM Transactions.

Source-Adaptive Multilayered Multicast Algorithms for Real- Time Video Distribution Brett J. Vickers, Celio Albuquerque, and Tatsuya Suda IEEE/ACM Transactions.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public BSCI Module 7 Lesson 3 1 IP Multicasting: Multicast Routing Protocols.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public BSCI Module 7 Lesson 3 1 IP Multicasting: Multicast Routing Protocols.
Slide Set 15: IP Multicast. In this set What is multicasting ? Issues related to IP Multicast Section 4.4.

Slide Set 15: IP Multicast. In this set What is multicasting ? Issues related to IP Multicast Section 4.4.
Chapter 4 Network Layer slides are modified from J. Kurose & K. Ross CPE 400 / 600 Computer Communication Networks Lecture 13.

Chapter 4 Network Layer slides are modified from J. Kurose & K. Ross CPE 400 / 600 Computer Communication Networks Lecture 13.
1 Network Layer: Host-to-Host Communication. 2 Network Layer: Motivation Can we built a global network such as Internet by extending LAN segments using.

1 Network Layer: Host-to-Host Communication. 2 Network Layer: Motivation Can we built a global network such as Internet by extending LAN segments using.
Network Layer Goals: understand principles behind network layer services: –routing (path selection) –dealing with scale –how a router works –advanced topics:

Network Layer Goals: understand principles behind network layer services: –routing (path selection) –dealing with scale –how a router works –advanced topics:
HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Security Level: Slide title :40-47pt Slide subtitle :26-30pt Color::white Corporate Font : FrutigerNext.

HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Security Level: Slide title :40-47pt Slide subtitle :26-30pt Color::white Corporate Font : FrutigerNext.
Multicast Routing Protocols NETE0514 Presented by Dr.Apichan Kanjanavapastit.

Multicast Routing Protocols NETE0514 Presented by Dr.Apichan Kanjanavapastit.
Data Comm. & Networks Instructor: Ibrahim Tariq Lecture 3.

Data Comm. & Networks Instructor: Ibrahim Tariq Lecture 3.
Network Layer4-1 Chapter 4: Network Layer Chapter goals: r understand principles behind network layer services: m network layer service models m forwarding.

Network Layer4-1 Chapter 4: Network Layer Chapter goals: r understand principles behind network layer services: m network layer service models m forwarding.
Advances in Multicast - The Promise of Single Source Multicast (SSM) (with a little on multicast DOS) Marshall Eubanks Multicast Technologies

Advances in Multicast - The Promise of Single Source Multicast (SSM) (with a little on multicast DOS) Marshall Eubanks Multicast Technologies
1 Path-decoupled signaling - towards a BOF in SF NSIS working group context Path-decoupled signalling - definition –Path-oriented.

1 Path-decoupled signaling - towards a BOF in SF NSIS working group context Path-decoupled signalling - definition –Path-oriented.
4: Network Layer4-1 Schedule Today: r Finish Ch3 r Collect 1 st Project r See projects run r Start Ch4 Soon: r HW5 due Monday r Last chance for Qs r First.

4: Network Layer4-1 Schedule Today: r Finish Ch3 r Collect 1 st Project r See projects run r Start Ch4 Soon: r HW5 due Monday r Last chance for Qs r First.
Multicast Routing Protocols. The Need for Multicast Routing n Routing based on member information –Whenever a multicast router receives a multicast packet.

Multicast Routing Protocols. The Need for Multicast Routing n Routing based on member information –Whenever a multicast router receives a multicast packet.

Similar presentations

Ads by Google