Overview of Pushback.
Architecture of router.
Pushback: Remedy for DDoS attack
DDoS attacks – Disturbance to the global .
How do DDoS attacks occur?
Congestion could be caused by flash crowds too.
ing 2000 Sydney Olympics.
Victim can do nothing to protect itself.
Can anything be done inside work to defend?
What is Pushback?
Pushback - Defense against DDoS.
A mechanism that allows a router to request adjacent upstream routers to limit the rate of traffic.
Concept - Aggregate congestion control (ACC).
Aggregate - Subset of traffic with identifiable property.
Congestion Signature - Set of properties of the aggregate identified as causing problems.
DDoS attack in progress
Red - Bad traffic
Green - Good traffic
Partial view of a router
Dropped Packet Report
Is sent by the rate-limiter to the Pushback daemon.
IP Destination address
How does the Pushback daemon identify an attack and the victim?
Step1: If (wi > 1.2 * wo) then attack is in progress.
Step2: Dropped packets are grouped according to the longest matching prefi