Aggregate-Based Congestion Control (ACC) and Pushback
Controlling High Bandwidth Aggregates in the Network (Extended
Steven M. Bellovin,
The shorter CCR version: CCR, V.32 N.3, July 2002.
Poster at SIGCOMM 2001
Simulation scripts for the papers.
Pushback Messages for Controlling Aggregates in the Network
Sally Floyd, Steven M. Bellovin, John Ioannidis, Kireeti Kompella,
Ratul Manajan, and Vern Paxson.
draft-floyd-pushback-messages-00.txt, internet-draft, work in progress,
July 2001. Expired draft.
Distributed Denial of Service Attacks.
Steve Bellovin, February 18, 2000.
This talk discusses traffic volume monitoring, and the need for
enhanced congestion control for high-volume aggregates.
from Vern Paxson,
The DDoS Attacks.
RAID 2000, October 2000.
Theses viewgraphs give a quick overview of controlling high volume
aggregates using Pushback.
Controlling High Bandwidth Aggregates
Sally Floyd, November 29-30, 2000, E2E Research Group.
- Or the revised version talking about Bullies, Mobs, and Crooks
December 4, 2000.
This talk discusses controlling high-bandwidth flows,
aggregate-based congestion control
(for flash crowds), and DoS attacks at the congested
the use of Pushback to "push" packet drops upstream.
DDoS Attacks and Pushback, December 5, 2000
These viewgraphs describe Pushback, and show a number of simulation
- Also the February 18, 2001, version of the talk, at NANOG:
Aggregate Based Congestion: Detection and Control,
Seminar, University of Washington.
This talk discusses the motivation and mechanisms for aggregate-based congestion
Jaeyeon Jung, Balachander Krishnamurthy, and Michael Rabinovich,
Flash Crowds and Denial of Service Attacks: Characterization and
Implications for CDNs and Web Sites,
WWWW2002, May 2002.
"Section 4.3 summarizes the behavioral differences of flash events and
DoS attacks and develops some recommendations for Web servers based on
Jelena Mirkovic, Janice Martin, and Peter Reiher,
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms,
UCLA Technical Report #020018, 2002.
"This paper proposes a taxonomy of distributed denial-of-service
attacks and a taxonomy of the defense mechanisms that strive to
counter these attacks... The goal of the paper is to impose some
order into the multitude
of existing attack and defense mechanisms that would lead to a better
understanding of challenges in the distributed denial-of-service field."
- Christian Estan and George Varghese,
New Directions in Traffic Measurement and Accounting,
SIGCOMM, August 2002.
"We propose two novel and scalable algorithms for identifying
the large flows."
What are the
in routers that would be useful for pushback and/or local ACC?
Pointers to the commercial world:
(The pushback project doesn't have any affiliations with any of these
Cisco's IP Source Tracker.
"The IP Source Tracker feature allows you to gather information about
the traffic flowing to a host that is suspected to be under attack. This
feature also allows you to easily trace an attack back to its entry
point into the network."
Last modified: November 2002.