12:45PM, Thursday, October 20th 2005.
Gates 104

TVA: A DoS-limiting Network Architecture

Xiaowei Yang
University of California, Irvine

About the talk:
In this talk, I will present the design and evaluation of TVA, a network architecture that limits the impact of Denial of Service (DoS) floods from the outset. Our work builds on earlier work on capabilities in which senders obtain short-term authorizations from receivers that they stamp on their packets. We address the full range of possible attacks against communication between pairs of hosts, including spoofed packet floods, network and host bottlenecks, and router state exhaustion. We use simulation to show that attack traffic can only degrade legitimate traffic to a limited extent, significantly outperforming previously proposed DoS solutions. We use a modified Linux kernel implementation to argue that our design can run on gigabit links using only inexpensive off-the-shelf hardware. Our design is also suitable for transition into practice, providing incremental benefit for incremental deployment.

About the speaker:
Xiaowei Yang is an assistant professor in the  Department of Computer Science  at UC Irvine. She  graduated from  MIT in September 2004. Her thesis work is on the design and evaluation of NIRA, a new Internet routing architecture. She started this work on the DoS-limiting network architecture when she worked as a postdoc at University of Washington  in fall 2004.