Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse

Sherwood, Rob; Bhattacharjee, Bobby; Braud, Ryan

View/Open

optack-extended.pdf (334.5Kb)
No. of downloads: 704

Date

2005-11-15

Author

Sherwood, Rob

Bhattacharjee, Bobby

Braud, Ryan

Metadata

Show full item record

Abstract

An "optimistic" acknowledgment (OptAck) is an acknowledgment sent by a misbehaving client for a data segment that it has not received. Whereas previous work has focused on OptAck as a means to greedily improve end-to-end performance, we study OptAck exclusively as a denial of service attack. Specifically, an attacker sends optimistic acknowledgments to many victims in parallel, thereby amplifying its effective bandwidth by a factor of 30 million (worst case). Thus, even a relatively modest attacker can totally saturate the paths from many victims back to the attacker. Worse, a distributed network of compromised machines (``zombies'') can exploit this attack in parallel to bring about wide-spread, sustained congestion collapse. We implement this attack both in simulation and in a wide-area network, and show it severity both in terms of number of packets and total traffic generated. We engineer and implement a novel solution that does not require client or network modifications allowing for practical deployment. Additionally, we demonstrate the solution's efficiency on a real network.

URI

http://hdl.handle.net/1903/3019

Collections

Technical Reports of the Computer Science Department