Protecting TCP Congestion Control: Tools for Design, Analysis and Emulation PI: George Kesidis
The increasing volume of non-conforming and malicious traffic flows poses a serious challenge to the stability of the Internet. Such traffic flows could significantly throttle the data rates sustainable by TCP flows, and could affect millions of users who rely on the Internet for their daily business. The following three types of misbehaving flows: unresponsive TCP sessions, low-rate TCP-targeted attacks, and randomly scanning TCP worms, can be easy to launch and are enormously damaging.
This research takes an ambitious step in systematically developing: (i) dynamic router-based quarantine schemes to penalize unresponsive TCP flows; (ii) defense strategies for low-rate TCP-targeted attacks; (iii) router-based designs to effectively control indiscriminate TCP worms; and (iv) tools and methodologies for the evaluation of the proposed schemes, specifically using the DETER/Emulab emulation platform. The research will enable in-depth characterization of the misbehaving flows and the design of effective solutions for minimizing the vulnerability of the Internet to such flows.
This work will have an enormous practical impact, will foster new research directions towards a trustworthy Internet, will accelerate security research by streamlining the experimental process, and will train security students in both theory and hands-on experimentation.
