Defending Against Request Floods

March 26, 2007
Time: 11:00am-12:00pm
InterSchool Lab, 7th Floor CEPSR
Hosted by: CS Department
Speaker: Michael Walfish, Massachusetts Institute of Technology

Abstract

The Internet is afflicted by unwelcome "requests", defined broadly as claims on a scarce resource, such as a server's CPU (in the case of spurious traffic whose purpose is to deny service) or a human's attention (in the case of spam). Traditional responses to these problems apply heuristics: they try to identify "bad" requests based on their content (e.g., in the way that spam filters analyze an email's text). This talk argues that heuristic attempts at filtering are inherently gameable and instead presents two systems that limit request volumes directly. The first is a denial-of-service mitigation in which clients are encouraged to automatically send *more* traffic to a besieged server. The "good" clients can thereby compete equally with the "bad" ones. The second is a system for enforcing *per-sender email quotas* to control spam. This system scales to a workload of millions of requests per second, tolerates Byzantine faults in its constituent hosts, and resists a variety of attacks.

Speaker Biography

Michael Walfish is a Ph.D. student in computer science at M.I.T. He received his B.A. from Harvard in 1998 and then worked for four years, three of those at Digital Fountain, Inc. His research interests are in networked systems, with sub-interests in security, performance, and network architecture.


500 W. 120th St., Mudd 1310, New York, NY 10027    212-854-3105               
©2014 Columbia University