Northwestern Networks Group

Northwestern Networks Group Research Projects

Measuring Congestion in the Internet

The Internet is a great success that has changed our society in a spectacular way. We are interested in understanding how it functions and how it evolves. In this particular project, our goal is to accurately detect congestion events in the Internet and reveal their spatial (where they happen) and temporal (how long they last) properties.

Resilience to Pollution and Poisoning DoS Attacks

Internet DoS attacks are increasingly moving away from pure resource floods to more sophisticated techniques. Just as it takes a small amount of contamination to create toxic air or water, DoS attackers are capable of injecting malicious packets or launching requests that can instantly collapse Internet protocols or reduce viability of vital resources. The goal of this project is to address these issues on a broad front: (i) by developing and studying a new generation of large-scale poisoning and pollution attacks against the Internet infrastructure, and (ii) by designing, implementing, and deploying appropriate counter-DoS mechanisms.

Building Network Services Based on CDNs' Redirections

Many large-scale distributed systems would benefit from a common information plane that provides accurate information about up-to-date network characteristics. The key idea behind this project is that much of this information is already being collected by operational CDNs (e.g.), Akamai, and implicitly published via DNS. The goal of this project is to build novel network services by reusing these measurements in a transparent manner. Measurement data sets are available here.

Congestion Control in Heterogeneous Environments

Skewed flow-size distributions can cause significant problems to TCP congestion control. In particular, while long flows can be successfully controlled, this is hardly the case for short flows, which dominate in today's Internet. The goal of this project is to fully understand the impact that the above phenomenon can have on network performance, and to d esign network protocols capable of succesfully addressing such problems.

Older projects:

Low-Rate Denial of Service Attacks

Denial of Service attacks are presenting an increasing threat to the global internetworking infrastructure. Hosts with the divergent or malicious interests can readily subvert the protocols and infrastructure that Internet depends on. While TCP's congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a well-known vulnerability by high-rate non-responsive flows. However, little is known about low-rate denial of service attacks. We have discovered that low-rate attacks can be as harmful as the high-rate ones, yet even more dangerous due to the fact that they are difficult for routers and counter-DoS mechanisms to detect.

TCP Low Priority (TCP-LP)

Service prioritization among different traffic classes is an important goal for the future Internet. Conventional approaches to solving this problem consider the existing best-effort class as the low-priority class, and attempt to develop mechanisms that provide ``better-than-best-effort" service. We explore the opposite approach, and devise a new distributed algorithm to realize a low-priority service (as compared to the existing best effort) from the network endpoints. To this end, we develop TCP Low Priority (TCP-LP), a distributed algorithm whose goal is to utilize only the excess network bandwidth as compared to the ``fair share" of bandwidth as targeted by TCP. The key mechanisms unique to TCP-LP congestion control are the use of one-way packet delays for congestion indications and a TCP-transparent congestion avoidance policy. TCP-LP has become a part of the Linux kernel; the official patch is avilable here.