Data on latency and loss-rates during congestion DDoS attacks

• Previous message (by thread): Data on latency and loss-rates during congestion DDoS attacks
• Next message (by thread): Data on latency and loss-rates during congestion DDoS attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Damian, thanks!

That's actually roughly the range of losses we focused on; but it was based
on my rough feeling for reasonable loss rates (as well as on experiments
where we caused losses in emulated environments), and a reviewer -
justifiably - asked if we can base our values on realistic values. So I
would love to have real value, I'm sure some people have these measured
(I'm actually quite sure I've seed such values, but the challenge is
recalling where and finding it...).

Also, latency values (under congestion) would be appreciated. Also here, we
used a range of values, I think the highest was 1sec, since we believe that
under congestion delays goes up considerably since many queues fill up [and
again I seem to recall values around this range]. But here the reviewer
even challenged us and said he/she doubts that delays increase
significantly under network congestion since he/she thinks that the
additional queuing is something mostly in small routers such as home
routers (and maybe like the routers used in our emulation testbed). So I'll
love to have some real data to know for sure.

Apart from knowing these things for this specific paper, I should know them
in a well-founded way anyway, as I'm doing rearch on and teaching net-sec
(incl. quite a lot on DoS) :)

-- 
Amir



On Fri, Jan 24, 2020 at 5:31 PM Damian Menscher <damian at google.com> wrote:

> I suggest testing with a broad variety of values, as losses as low as 5%
> can be annoying, but losses at 50% or more are not uncommon.
>
> Damian
>
> On Fri, Jan 24, 2020 at 4:41 AM Amir Herzberg <amir.lists at gmail.com>
> wrote:
>
>> Dear NANOG,
>>
>> One of my ongoing research works is about a transport protocol that
>> ensures (critical) communication in spite of DDoS congestion attack (which
>> cannot be circumvented), by (careful) use of Forward Error Correction. Yes,
>> obviously, this has to be done and used carefully since the FEC clearly
>> increases traffic rather than the typical congestion-control approach of
>> reducing it, I'm well aware of it; but some applications are critical (and
>> often low-bandwidth) so such tool is important.
>>
>> I am looking for data on loss rate and congestion of DDoS attacks to make
>> sure we use right parameters. Any chance you have such data and can share?
>>
>> Many thanks!
>> --
>> Amir Herzberg
>> Comcast chair of security innovation, University of Connecticut
>> Foundations of cybersecurity
>> <https://www.researchgate.net/publication/323243320_Introduction_to_Cyber-Security_Part_I_Applied_Cryptography_Lecture_notes_and_exercises>, part
>> I (see also part II and presentations):
>> https://www.researchgate.net/publication/323243320_Introduction_to_Cyber-Security_Part_I_Applied_Cryptography_Lecture_notes_and_exercises
>> <https://www.researchgate.net/project/Lecture-notes-on-Introduction-to-Cyber-Security>
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200124/67281e06/attachment.html>

• Previous message (by thread): Data on latency and loss-rates during congestion DDoS attacks
• Next message (by thread): Data on latency and loss-rates during congestion DDoS attacks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]