Speaker Aff

iliation: Massachusetts Institute of Technology CSAIL

Date: April
26 2007

Start Time: 11:00a.m.

End Time: 12:00p.m.

Location: ACES 2.302

Host: Lorenzo Alvisi

Talk Title: Defe

nding Networked Resources Against Floods of Unwelcome Requests

Talk

Abstract:

The Internet is afflicted by unwelcome requests defined b

roadly
as claims on a scarce resource such as a server''s CPU (in

the case of spurious traffic whose purpose is to deny service)
or a hum

an''s attention (in the case of spam). Traditional
responses to these p

roblems apply heuristics: they try to
identify bad requests based on th

eir content (e.g. in
the way that spam filters analyze an email''s tex

t). This
talk argues that heuristic attempts at filtering are inherent

ly
gameable and instead presents two systems that limit request
vol

umes directly. The first is a denial-of-service mitigation
in which cli

ents are encouraged to automatically send *more*
traffic to a besieged

server. The good clients can thereby
compete equally with the bad ones.
The second is a system
for enforcing *per-sender email quotas* to cont

rol spam.
This system scales to a workload of millions of requests

per second tolerates Byzantine faults in its constituent
hosts and re