The role of network capabilities

Xiaowei Yang, xwy@uci.edu

UC Irvine

NSF FIND PI meeting, June 28 2007


Root cause of unwanted traffic

Any host can send to any destination without obtaining permissions


Network capabilities: ask-before-send

• [Anderson03], TVA, SIFF
1. Source requests permission to send.
2. Destination authorizes source for a limited transfer, e.g., 32KB in 10 secs
   • A capability is the proof of a destination’s authorization.
3. Source places capabilities on packets and sends them.
4. Network filters packets based on capabilities.



But attackers can flood request packets!

Request packets do not carry capabilities


Protecting request channel is different

• Request packets can be rate limited
• Protect established connections
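The ask-before-send steps and the rate-limited request channel above, as an added Python sketch that is not from the slides and is not the TVA or SIFF construction. It assumes the destination and the filter share an HMAC key (a simplification); the names `issue_capability` and `CapabilityFilter`, the capability layout and the single per-second request limit are hypothetical.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8  # truncated MAC length (assumption of this sketch)

def _mac(key, src, dst, body):
    # Bind the authorization to one source/destination pair.
    msg = src.encode() + b"|" + dst.encode() + b"|" + body
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def issue_capability(key, src, dst, now, n_bytes=32 * 1024, t_secs=10):
    """Step 2: destination authorizes src for n_bytes within t_secs."""
    body = struct.pack("!IQ", n_bytes, int(now) + t_secs)
    return body + _mac(key, src, dst, body)

class CapabilityFilter:
    """Step 4: filter on capabilities; rate limit the request channel."""

    def __init__(self, key, requests_per_sec=2):
        self.key = key  # assumption: key shared with the destination
        self.requests_per_sec = requests_per_sec
        self.sent = {}  # capability -> bytes forwarded so far
        self.req_window = (None, 0)  # (second, requests seen in it)

    def handle(self, src, dst, size, now, cap=None):
        if cap is None:  # request packet: carries no capability
            sec, count = self.req_window
            count = count + 1 if sec == int(now) else 1
            self.req_window = (int(now), count)
            return "request" if count <= self.requests_per_sec else "drop"
        if len(cap) != 12 + TAG_LEN:
            return "drop"
        body, tag = cap[:12], cap[12:]
        if not hmac.compare_digest(tag, _mac(self.key, src, dst, body)):
            return "drop"  # forged, or copied onto another src/dst pair
        n_bytes, expiry = struct.unpack("!IQ", body)
        used = self.sent.get(cap, 0)
        if now > expiry or used + size > n_bytes:
            return "drop"  # authorization expired or byte budget spent
        self.sent[cap] = used + size
        return "forward"
```

Because request packets and capability packets take separate paths in `handle`, exhausting the request budget does not affect a flow that already holds a valid capability.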



Protecting request channel is different

Fair resource allocation to prevent attackers from overwhelming legitimate requests

Fair queuing, puzzles [Parno07]


Protecting request channel is different

• Reliable filters close to attack sources
• Cryptographically secure identifiers


The role of capabilities

Allow comprehensive DoS protection mechanisms to be deployed on a slow channel

Enable traffic authorization

Protect existing connections during attack
