l subramanian v roth i stoica s shenker r h katz
play

L. Subramanian, V. Roth, I. Stoica, S. Shenker, R. H. Katz - PowerPoint PPT Presentation

May 30, 2023 •209 likes •392 views

L. Subramanian, V. Roth, I. Stoica, S. Shenker, R. H. Katz Presented by Ashish Vulimiri Focus on invalid routes Invalid routes in the control plane Invalid routes in the data plane Solution: both control and data plane verification

  1. L. Subramanian, V. Roth, I. Stoica, S. Shenker, R. H. Katz Presented by Ashish Vulimiri

  2. Focus on invalid routes  Invalid routes in the control plane  Invalid routes in the data plane Solution: both control and data plane verification

  3. Requirement: Path Verification Actual Guarantee: If an AS receives at least one valid path to AS A, receipt of an invalid path to A will trigger an alarm

  4. Is this a good property to provide?

  5. Loop Verification  Suppose two paths received, A and B  Build loop out of these paths  Source-route along loop (in both directions)

  6. Hash Schemes  When D receives path CBA from C • Signature received: S = h(B, h(A, h(z))) • D computes h(C, S) before sending onwards  Authors suggest two schemes for computing and using these hashes

  7. Secondary Requirement: If an AS sends out “too many” invalid paths, it will be identified Actual Mechanism: Count how many times AS is in a problem-path

  8. ?

  9. Requirement: Check if data plane path matches control plane path Actual Guarantee: Check if data plane path reaches destination

  10. Can you do anything better with end-to-end feedback?

  11.  Mechanism: passive probing • Why?  Raise alert if too many (N) unsuccessful TCP connection attempts in time T  T proportional to popularity of destination • Popularity measured by MTBA

  12.  False negatives • Suggest values for N based on experimental results  False positives • Drop packets on m paths • Observe these m and an additional n • Expected: retransmissions on m, none on n • If not, raise alert

  13.  What they list as potential misbehaviour: • End-hosts collude with adversary, generate fake valid TCP connections • Port scanners: false positives  What else could happen?

  14.  Authors do not assume malicious attempts to game Listen/Whisper  Independent adversaries: if 1000 largest ASes deploy L/W, then in worst-case • 8% of all nodes affected w/o penalties • 1% with penalties

  15.  Colluding adversaries

  16.  Path verification in the control plane  Reachability analysis in the data plane  They remove existing vulnerabilities  … and then add their own  Still, could be a net improvement

  17. Questions?

Recommend

Pathlet Routing Brighten Godfrey Scott Shenker Ion Stoica {pbg,shenker,istoica}@cs.berkeley.edu

Pathlet Routing Brighten Godfrey Scott Shenker Ion Stoica {pbg,shenker,istoica}@cs.berkeley.edu

Pathlet Routing Brighten Godfrey Scott Shenker Ion Stoica {pbg,shenker,istoica}@cs.berkeley.edu UC Berkeley Hotnets 2008 multipath internet routing good for everyone! reliability source observes directly, reacts quickly path quality

552 views • 20 slides
Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M.

Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M.

Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M. Handley , Z. Mao, S. Shenker, and I. Stoica Routing 1999 Internet Map Coloured by ISP Source: Bill Cheswick, Lumeta AS-level Topology 2003

946 views • 37 slides
One More Bit Is Enough One More Bit Is Enough Yong Xia, RPI Lakshmi Subramanian, UCB

One More Bit Is Enough One More Bit Is Enough Yong Xia, RPI Lakshmi Subramanian, UCB

One More Bit Is Enough One More Bit Is Enough Yong Xia, RPI Lakshmi Subramanian, UCB Ion Stoica, UCB Shiv Kalyanaraman, RPI SIGCOMM 05 , Philadelphia, PA 08 / 23 / 2005 Motivation #1: TCPdoesnt work well in high b/w or delay

540 views • 32 slides
Minimizing Churn in Distributed Systems Brighten Godfrey Scott Shenker Ion Stoica SIGCOMM 2006

Minimizing Churn in Distributed Systems Brighten Godfrey Scott Shenker Ion Stoica SIGCOMM 2006

Minimizing Churn in Distributed Systems Brighten Godfrey Scott Shenker Ion Stoica SIGCOMM 2006 1 introduction Churn: an important factor for most distributed systems Turnover causes dropped requests, increased bandwidth, ... Would like to

631 views • 31 slides
Pathlet Routing P. Brighten Godfrey pbg@illinois.edu Igor Ganichev, Scott Shenker, and Ion

Pathlet Routing P. Brighten Godfrey pbg@illinois.edu Igor Ganichev, Scott Shenker, and Ion

Pathlet Routing P. Brighten Godfrey pbg@illinois.edu Igor Ganichev, Scott Shenker, and Ion Stoica {igor,shenker,istoica}@cs.berkeley.edu SIGCOMM 2009 Internet routing challenges Multipath reliability path quality Scalability Policy

973 views • 73 slides
Pathlet Routing P. Brighten Godfrey, Igor Ganichev, Scott Shenker, and Ion Stoica

Pathlet Routing P. Brighten Godfrey, Igor Ganichev, Scott Shenker, and Ion Stoica

Pathlet Routing P. Brighten Godfrey, Igor Ganichev, Scott Shenker, and Ion Stoica & $'

721 views • 40 slides
THE DATACENTER NEEDS AN OPERATING SYSTEM MATEI ZAHARIA, BENJAMIN HINDMAN, ANDY KONWINSKI, ALI

THE DATACENTER NEEDS AN OPERATING SYSTEM MATEI ZAHARIA, BENJAMIN HINDMAN, ANDY KONWINSKI, ALI

THE DATACENTER NEEDS AN OPERATING SYSTEM MATEI ZAHARIA, BENJAMIN HINDMAN, ANDY KONWINSKI, ALI GHODSI, ANTHONY JOSEPH, RANDY KATZ, SCOTT SHENKER, ION STOICA UC BERKELEY THE DATACENTER IS THE NEW COMPUTER Running todays most popular

182 views • 14 slides
Mesos: A Platform for Fine-Grained Resource Sharing in the Data Center Benjamin Hindman, Andy

Mesos: A Platform for Fine-Grained Resource Sharing in the Data Center Benjamin Hindman, Andy

Mesos: A Platform for Fine-Grained Resource Sharing in the Data Center Benjamin Hindman, Andy Konwinski, Matei Zaharia, Ali Ghodsi, Anthony D. Joseph, Randy Katz, Scott Shenker, Ion Stoica University of California, Berkeley Thomas Marshall

397 views • 5 slides
Pathlet Routing P. Brighten Godfrey pbg@illinois.edu Igor Ganichev, Scott Shenker, and Ion

Pathlet Routing P. Brighten Godfrey pbg@illinois.edu Igor Ganichev, Scott Shenker, and Ion

Pathlet Routing P. Brighten Godfrey pbg@illinois.edu Igor Ganichev, Scott Shenker, and Ion Stoica {igor,shenker,istoica}@cs.berkeley.edu SIGCOMM 2009 1 Design for variation Design for variation in outcome, so that the outcome can be

646 views • 23 slides
QoS Services with Dynamic Packet State Ion Stoica Carnegie Mellon University (joint work with

QoS Services with Dynamic Packet State Ion Stoica Carnegie Mellon University (joint work with

QoS Services with Dynamic Packet State Ion Stoica Carnegie Mellon University (joint work with Hui Zhang and Scott Shenker) Todays Internet Service: best-effort datagram delivery Architecture: stateless routers excepting

485 views • 33 slides
"A proof is whatever convinces me.", Shimon Even. G ROTH -S AHAI P ROOFS R EVISITED 1 /

"A proof is whatever convinces me.", Shimon Even. G ROTH -S AHAI P ROOFS R EVISITED 1 /

N ON -I NTERACTIVE P ROOF S YSTEMS G ROTH -S AHAI P ROOFS C ORRECTED G ROTH -S AHAI NIWI P ROOFS G ROTH -S AHAI P ROOFS IN T YP G ROTH -S AHAI P ROOFS R EVISITED E. Ghadafi N.P. Smart B. Warinschi Department of Computer Science, University of

613 views • 29 slides
D Dominant Resource Fairness (DRF) i t R F i (DRF) Fair Allocation of Multiple Resource Types

D Dominant Resource Fairness (DRF) i t R F i (DRF) Fair Allocation of Multiple Resource Types

D Dominant Resource Fairness (DRF) i t R F i (DRF) Fair Allocation of Multiple Resource Types Ali Ghodsi , Matei Zaharia Benjamin Hindman, Andy Konwinski, B j i Hi d A d K i ki Scott Shenker, Ion Stoica University of California, Berkeley

781 views • 51 slides
End-to-End Arguments and Design Philosophy ECE/CS598HPN Instructor: Radhika Mittal

End-to-End Arguments and Design Philosophy ECE/CS598HPN Instructor: Radhika Mittal

End-to-End Arguments and Design Philosophy ECE/CS598HPN Instructor: Radhika Mittal Acknowledgement: Presentation contents derived from Ion Stoica and Scott Shenker at UC Berkeley End-to-End Arguments in System Design J.H. Saltzer, D.P.

818 views • 26 slides
A Layered Naming Architecture Michael Walfish MIT Computer Science and Artificial Intelligence

A Layered Naming Architecture Michael Walfish MIT Computer Science and Artificial Intelligence

A Layered Naming Architecture Michael Walfish MIT Computer Science and Artificial Intelligence Lab Joint work with: H. Balakrishnan, M. Krohn, K. Lakshminarayanan, S. Ratnasamy, S. Shenker, I. Stoica, J. Stribling IRTF HIP RG 6 August 2004

728 views • 10 slides
Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing M.

Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing M.

Resilient Distributed Datasets: A Fault-Tolerant Abstraction for In-Memory Cluster Computing M. Zaharia, M. Chowdhury, T. Das, A. Dave, J. Ma, M. McCauley, M.J. Franklin, S. Shenker, I. Stoica Computer Laboratory Principal Motivation

628 views • 15 slides
Software Sustainability and Software Citation Daniel S. Katz (d.katz@ieee.org,

Software Sustainability and Software Citation Daniel S. Katz (d.katz@ieee.org,

Software Sustainability and Software Citation Daniel S. Katz (d.katz@ieee.org, http://danielskatz.org, @danielskatz) Assistant Director for Scientific Software & Applications Research Associate Professor, CS, ECE, iSchool What is

403 views • 28 slides
Group Therapy for Systems: Using link attestations to manage failure Michael J. Freedman NYU /

Group Therapy for Systems: Using link attestations to manage failure Michael J. Freedman NYU /

Group Therapy for Systems: Using link attestations to manage failure Michael J. Freedman NYU / Stanford Ion Stoica, David Mazieres, Scott Shenker A little background I built and manage CoralCDN is an open, P2P content distribution

540 views • 24 slides
Dominant Resource Fairness : Fair Allocation of Multiple Resource Types Ali Ghodsi, Matei

Dominant Resource Fairness : Fair Allocation of Multiple Resource Types Ali Ghodsi, Matei

Dominant Resource Fairness : Fair Allocation of Multiple Resource Types Ali Ghodsi, Matei Zaharia, Benjamin Hindman, Andy Konwinski, Scott Shenker, Ion Stoica University of California, Berkeley Talk by: Yael Amsterdamer Introduction Why

800 views • 22 slides
Discretized Streams An Efficient and Fault-Tolerant Model for Stream Processing on Large Clusters

Discretized Streams An Efficient and Fault-Tolerant Model for Stream Processing on Large Clusters

Discretized Streams An Efficient and Fault-Tolerant Model for Stream Processing on Large Clusters Matei Zaharia, Tathagata Das, Haoyuan Li, Scott Shenker, Ion Stoica UC BERKELEY Motivation Many important applications need to

490 views • 19 slides
A Data-Oriented (and Beyond) Network Architecture Authors: T. Koponen, M. Chawla, B. Chun. K.

A Data-Oriented (and Beyond) Network Architecture Authors: T. Koponen, M. Chawla, B. Chun. K.

A Data-Oriented (and Beyond) Network Architecture Authors: T. Koponen, M. Chawla, B. Chun. K. Kim, S. Shenker, A. Ermolinskiy, I. Stoica Presenter: Yi Liu Feb 3, 2011 Introduction Applications shift from host-centric to data-centric

350 views • 23 slides
Scott Shenker, zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA VOL. 13, NO. 7, SEPTEMBER 1995

Scott Shenker, zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA VOL. 13, NO. 7, SEPTEMBER 1995

IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA 1 zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Scott Shenker, zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA VOL. 13, NO. 7,

354 views • 13 slides
Victor J. Katz Joseph W. Dauben Victor J Katz The Teaching of Mathematics Mathematics has

Victor J. Katz Joseph W. Dauben Victor J Katz The Teaching of Mathematics Mathematics has

Victor J. Katz Joseph W. Dauben Victor J Katz The Teaching of Mathematics Mathematics has been taught for the past 4000 years Much of the teaching is through problem solving Although the problems often appear to be practical, in

335 views • 33 slides
Special Events TODAY: March 6, 12:15, Kendade 307, Lunch with Sowmya Subramanian 96, Senior

Special Events TODAY: March 6, 12:15, Kendade 307, Lunch with Sowmya Subramanian 96, Senior

1 Special Events TODAY: March 6, 12:15, Kendade 307, Lunch with Sowmya Subramanian 96, Senior Director of Engineering, Google TODAY: March 6, 7:00 p.m., Gamble Auditorium, Sowmya Subramanian, Empowering Women Through Technology 2 Minimum

525 views • 15 slides
Spark Cluster Computing with Working Sets Matei Zaharia, Mosharaf Chowdhury, Michael Franklin,

Spark Cluster Computing with Working Sets Matei Zaharia, Mosharaf Chowdhury, Michael Franklin,

Spark Cluster Computing with Working Sets Matei Zaharia, Mosharaf Chowdhury, Michael Franklin, Scott Shenker, Ion Stoica UC Berkeley Background MapReduce and Dryad raised level of abstraction in cluster programming by hiding scaling &

307 views • 12 slides

More recommend