Reviewer: Michela Becchi
Date: 11-3-2005
How would you rate this paper, relative to others we have read? top 25%, but not top 10%
How would you rate your knowledge of the topic of this paper? familiar, but not expert
What problem or issue does the paper address? Why is it important?
The paper presents a proposal for limiting the impact of Denial of Service attacks based on the concept of capabilities. Capabilities consist of data added to the packet header through which destinations allow senders to send them data. They are tracked and handled on the routers.
The problem of security in the Internet is very timely and current; moreover, as the authors argue, existing proposals to limit DOS attacks do not effectively address all the forms in which they are carried out.
What are the main contributions of the paper and why are they important?
The authors start from an analysis of the limitations of existing proposals to put together a robust design to tackle DOS attacks in the Internet. As mentioned, their design is based on the concept of capabilities, which is itself not new. The main contributions consist therefore in the way capabilities are handled to address all the important issues. In particular, the basic aspects are:
How significant are these contributions relative to previous work?
As mentioned, I believe that the significance consists in putting together a robust design which addresses the limitations of previous proposals. Even if the concepts used are not new, they are put together in a robust and consistent way.
Give detailed comments justifying your view of the paper.
The paper presents a robust design to address the problem of DOS attacks on an open network. A wide range of previous solutions are discussed along with their limitations. The idea of using capabilities is explored and extended to tackle the different aspects of the problem.
I have a positive view of the paper, especially up to section 5. I think that the discussion is always thorough. The design choices are discussed and motivated, and the limitations of the alternatives not taken are always addressed.
The evaluation part effectively shows how the proposal better limits the effects of DOS attacks when compared with other solutions.
There are a couple of aspects that I find interesting and for which I would have liked to see a better evaluation. First of all, the authors propose fine-grained capabilities but do not discuss the choice of the values for N and T, nor do they evaluate it through experiments. Their sizing affects the rate of capability renewal, which increases the processing time on the routers. I think that this processing time is an important aspect in the design and the deployment of the proposed mechanism. Second, the choice of N and T also affects the amount of router state, which has an impact on the query time as well. Third, it would have been interesting to clearly see the impact of the router processing time as the number of flows without a cached entry increases. As the authors show, the processing cost of a single operation is not negligible. There may be extreme situations where adopting the proposed mechanism has performance impacts.
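To make the N/T trade-off discussed above concrete, here is a small model added to this review; it is not code from the paper under review. It assumes (the review only names the two parameters) that a capability authorizes one flow to send up to N bytes within T seconds, that a router keeps one cached entry per flow holding the remaining byte budget and expiry, and that a packet arriving without a usable cached entry takes a slow path in which the destination either grants a fresh capability or refuses it. The model counts fast-path forwards, slow-path capability requests, drops and cached entries, so one can see which of N or T binds first at a given sending rate, and how an unwanted flow that is never granted a capability spends only slow-path work on the router. The flow names, rates and sizes are constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict


@dataclass
class Capability:
    """Per-flow router state. Assumed semantics for this example: the flow
    may send up to N bytes before expires_at (the review only names N and T)."""
    expires_at: float
    bytes_left: int


class CapabilityRouter:
    """Toy router that enforces capabilities and counts the work it does."""

    def __init__(self, N: int, T: float, grants: Callable[[str], bool]):
        self.N, self.T = N, T
        self.grants = grants                    # destination's decision per flow
        self.cache: Dict[str, Capability] = {}  # flow id -> cached capability
        self.fast_path = 0   # packets forwarded purely from cached state
        self.slow_path = 0   # capability requests handled (issued or refused)
        self.dropped = 0     # packets that had no usable capability

    def forward(self, flow: str, now: float, size: int) -> bool:
        cap = self.cache.get(flow)
        if cap is None or now >= cap.expires_at or cap.bytes_left < size:
            # Slow path: the sender needs a fresh capability, which costs a
            # request round trip to the destination plus router processing.
            self.slow_path += 1
            if not self.grants(flow):
                self.dropped += 1          # refused: nothing is cached
                return False
            cap = Capability(expires_at=now + self.T, bytes_left=self.N)
            self.cache[flow] = cap
            if cap.bytes_left < size:      # a packet larger than N never fits
                self.dropped += 1
                return False
        cap.bytes_left -= size
        self.fast_path += 1
        return True


def simulate(N: int, T: float, rate_bps: float, duration: float,
             packet_size: int = 1000, flows=("good",),
             grants: Callable[[str], bool] = lambda f: True) -> dict:
    """Drive every flow at a constant byte rate and report router work."""
    router = CapabilityRouter(N, T, grants)
    interval = packet_size / rate_bps   # seconds between packets of one flow
    now = 0.0
    while now < duration:
        for flow in flows:
            router.forward(flow, now, packet_size)
        now += interval
    return {"fast_path": router.fast_path, "slow_path": router.slow_path,
            "dropped": router.dropped, "state_entries": len(router.cache)}


def renewals_per_second(N: int, T: float, rate_bps: float) -> float:
    """Closed form: whichever limit a flow reaches first forces the renewal."""
    return max(rate_bps / N, 1.0 / T)


if __name__ == "__main__":
    # Constructed scenario: 8 kB/s flow, 1000-byte packets, 100 s.
    print(simulate(N=32_000, T=10, rate_bps=8_000, duration=100))     # N binds
    print(simulate(N=1_000_000, T=10, rate_bps=8_000, duration=100))  # T binds
    print(simulate(N=32_000, T=10, rate_bps=8_000, duration=100,
                   flows=("good", "unwanted"), grants=lambda f: f == "good"))
```

In the first run the byte budget N is exhausted every 4 s, so the flow renews 25 times in 100 s; raising N makes the lifetime T bind instead and renewals drop to 10. The third run shows the asymmetry the review is asking about: the granted flow costs 25 slow-path operations, while the refused flow costs one slow-path operation per packet and never occupies an entry, which is exactly the regime where the per-operation processing cost matters.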