Title:
"Quality of Service versus Any Service at All"
Abstract:
Today's networks are awash in illegitimate traffic: port
scans, propagating worms, illegal peer-to-peer transfers of materials.
The noise of this background "junk" has risen to such a crescendo that
legitimate traffic can be starved for network resources and critical
network services--like DNS and mounted file systems--are rendered
unavailable. The new challenge is not "quality of service" but rather
"any service at all." The time for pervasively identifying and
segregating traffic into good, bad, and suspicious classes is now.
Protect the good, block the bad, and slow the ugly. In this talk, we
discuss the research challenges and outline a possible architectural
approach, which we call COPS (Checking, Observing, and Protecting
Services). COPS is founded on the two technologies of checkable
protocols and Inspection-and-Action Boxes (iBoxes). The former are
protocols constrained to behave according to certain easily checked
patterns; the latter are middlebox network elements able to inspect
packets deeply while performing certain filtering, shaping, and
labeling actions upon them.