Skip to main content
SpringerLink
Log in

A Comprehensive Characterization of Threats Targeting Low-Latency Services: The Case of L4S

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

New services with low-latency (LL) requirements are one of the major challenges for the envisioned Internet. Many optimizations targeting the latency reduction have been proposed, and among them, jointly re-architecting congestion control and active queue management (AQM) has been particularly considered. In this effort, the Low Latency, Low Loss and Scalable Throughput (L4S) proposal aims at allowing both Classic and LL traffic to cohabit within a single node architecture. Although this architecture sounds promising for latency improvement, it can be exploited by an attacker to perform malicious actions whose purposes are to defeat its LL feature and consequently make their supported applications unusable. In this paper, we exploit different vulnerabilities of L4S which are the root of possible attacks and we show that application-layer protocols such as QUIC can easily be hacked in order to exploit the over-sensitivity of those new services to network variations. By implementing such undesirable flows in a real testbed and characterizing how they impact the proper delivery of LL flows, we demonstrate their reality and give insights for research directions on their detection.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

Data Availability

Availability of data and materials will be provided on the project’s website.

Code Availability

Will be provided on the project’s website.

Notes

  1. Upon paper acceptance the dataset collected will be made available at https://www.mosaico-project.org.

  2. Proportional Integral.

  3. However, legitimate misbehaving flows should not be ignored and should be addressed by the networking community in further research.

  4. In [32], the authors refer to this type of flow as misbehaving ones, which is not compliant with the taxonomy proposed in Fig. 1. However, the authors neither relate their work to any flow classification nor motivate this naming as compared to other types of undesirable flows.

  5. https://github.com/L4STeam/linux.

  6. https://github.com/quicwg/base-drafts/wiki/Implementations#picoquic.

  7. https://github.com/L4STeam/picoquic.

  8. Respectively H3ZERO_RESPONSE_MAX and PICOQUIC_FIRST_RESPONSE_MAX.

References

  1. Albisser, O., De Schepper, K., Briscoe, B., Tilmans, O., Steen, H.: DUALPI2—Low Latency, Low Loss and Scalable (L4S) AQM, NetDev 0x13, Prague (2019)

  2. Briscoe, B., De Schepper, K., Bagnulo, M., White, G.: Low Latency, Low Loss, Scalable Throughput (L4S) Internet Service: Architecture. draft-ietf-tsvwg-l4s-arch-10 (2021)

  3. Mathieu, B., Tuffin, S.: Evaluating the L4S architecture in cellular networks with a programmable switch. In: 26th Symposium on Computers and Communications (ISCC), Athens, September 5–8, 2021 (2021)

  4. Oljira, D.B., Grinnemo, K.J., Brunstrom, A., Taheri, J.: Validating the sharing behavior and latency characteristics of the L4S architecture. SIGCOMM Comput. Commun. Rev. 50, 37–44 (2020)

    Article  Google Scholar 

  5. Hutchings, A., Clayton, R.: Exploring the provision of online booter services. Deviant Behav. 37(10), 1163–1178 (2016)

    Article  Google Scholar 

  6. Letourneau, M., N’Djore, K.B., Doyen, G., Mathieu, B., Cogranne, R., Nguyen, H.N.: Assessing the threats targeting low latency traffic: the case of L4S. In: 2021 17th International Conference on Network and Service Management (CNSM), pp. 544–550 (2021). https://doi.org/10.23919/CNSM52442.2021.9615534

  7. Briscoe, B., De Schepper, K., Tilmans, O., Kühlewind, M., Misund, J., Albisser, O., Sajjad Ahmed, A.: Implementing the ‘Prague Requirements’ for Low Latency Low Loss Scalable Throughput (L4S). Netdev 0x13 (2019)

  8. Floyd, S., Ramakrishnan, K.K., Black, D.L.: The Addition of Explicit Congestion Notification (ECN) to IP. RFC3168 (2001)

  9. De Schepper, K., Briscoe, B., White, G.: DualQ Coupled AQMs for Low Latency, Low Loss and Scalable Throughput (L4S). Internet Engineering Task Force (2021)

  10. Briscoe, B., Kühlewind, M., Scheffenegger, R.: More Accurate ECN Feedback in TCP. draft-ietf-tcpm-accurate-ecn-15 (2021)

  11. De Schepper, K., Bondarenko, O., Tsang, I.J., Briscoe, B.: PI\(^{2}\): a linearized AQM for both classic and scalable TCP. CoNEXT, pp. 105–119 (2016)

  12. Tahiliani, R.P., Tewari, H.: Implementation of PI\(^{2}\) queuing discipline for classic TCP traffic in ns-3, networking, pp. 1–6. IEEE Computer Society (2017)

  13. Zargar, S.T., Joshi, J., Tipper, D.: A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun. Surv. Tutor. 15(4), 2046–2069 (2013)

    Article  Google Scholar 

  14. Ergenç, D., Brülhart, C., Neumann, J., Krüger, L., Fischer, M.: On the security of IEEE 802.1 time-sensitive networking. In: 2021 IEEE International Conference on Communications Workshops (ICC Workshops), pp. 1–6. IEEE (2021)

  15. Grossman, E., Mizrahi, T., Hacker, A.: Deterministic Networking (DetNet) Security Considerations. RFC 9055. IETF (2021)

  16. Nasrallah, A., et al.: Ultra-low latency (ULL) networks: the IEEE TSN and IETF DetNet standards and related 5G ULL research. IEEE Commun. Surv. Tutor. 21(1), 88–145 (2019). https://doi.org/10.1109/COMST.2018.2869350

    Article  Google Scholar 

  17. Yoshizawa, T., Baskaran, S.B.M., Kunz, A.: Overview of 5G URLLC system and security aspects in 3GPP. In: IEEE Conference on Standards for Communications and Networking (CSCN), pp. 1–5 (2019). https://doi.org/10.1109/CSCN.2019.8931376

  18. Javed, M.A., Khan Niazi, S.: 5G security artifacts (DoS/DDoS and authentication). In: 2019 International Conference on Communication Technologies (ComTech), pp. 127–133 (2019). https://doi.org/10.1109/COMTECH.2019.8737800

  19. Kothari, N., Mahajan, R., Millstein, T., Govindan, R., Musuvathi, M.: Finding protocol manipulation attacks. SIGCOMM Comput. Commun. Rev. 41(4), 26–37 (2011)

    Article  Google Scholar 

  20. Sherwood, R., Bhattacharjee, B., Braud, R.: Misbehaving TCP receivers can cause internet-wide congestion collapse. In: ACM Conference on Computer and Communications Security, pp. 383–392 (2005)

  21. Laraba, A., François, J., Chowdhury, S.R., Chrisment, I., Boutaba, R.: Mitigating TCP protocol misuse with programmable data planes. IEEE Trans. Netw. Serv. Manag. 18(1), 760–774 (2021)

    Article  Google Scholar 

  22. Ely, D., Spring, N., Wetherall, D., Savage, S., Anderson, T.: Robust congestion signaling. In: International Conference on Network Protocols, pp. 332–341. ICNP (2001)

  23. Laraba, A., François, J., Chrisment, I., Chowdhury, S.R., Boutaba, R.: Defeating protocol abuse with P4: application to explicit congestion notification. In: IFIP Networking Conference, pp. 431–439 (2020)

  24. Chen, C., Chen, Y., Zhang, K., Ni, M., Wang, S., Liang, R.: System redundancy enhancement of secondary frequency control under latency attacks. IEEE Trans. Smart Grid 12(1), 647–658 (2021). https://doi.org/10.1109/TSG.2020.3012977

    Article  Google Scholar 

  25. Zhijun, W., Wenjing, L., Liang, L., Meng, Y.: Low-rate DoS attacks, detection, defense, and challenges: a survey. IEEE Access 8, 43920–43943 (2020)

    Article  Google Scholar 

  26. Bianchin, G., Pasqualetti, F.: Time-delay attacks in network systems. In: Koç, Ç. (ed.) Cyber-Physical Systems Security. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98935-8_8

    Chapter  Google Scholar 

  27. Xiahou, K.S., Liu, Y., Wu, Q.H.: Robust load frequency control of power systems against random time-delay attacks. IEEE Trans. Smart Grid 12(1), 909–911 (2021). https://doi.org/10.1109/TSG.2020.3018635

    Article  Google Scholar 

  28. Aggarwal, P., Gonzalez, C., Dutt, V.: Cyber-security: role of deception in cyber-attack detection. In: Nicholson, D. (ed.) Advances in Human Factors in Cybersecurity. Advances in Intelligent Systems and Computing, vol. 501. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41932-9_8

    Chapter  Google Scholar 

  29. Zhang, Q., Liu, K., Xia, Y., Ma, A.: Optimal stealthy deception attack against cyber-physical systems. IEEE Trans. Cybern. 50(9), 3963–3972 (2020). https://doi.org/10.1109/TCYB.2019.2912622

    Article  Google Scholar 

  30. Ge, X., Han, Q.-L., Zhong, M., Zhang, X.-M.: Distributed Krein space-based attack detection over sensor networks under deception attacks. Automatica 109, 108557 (2019). https://doi.org/10.1016/j.automatica.2019.108557

    Article  MATH  Google Scholar 

  31. Wang, K., et al.: Resilient control of networked control systems under deception attacks: a memory-event-triggered communication scheme. Int. J. Robust Nonlinear Control 30(4), 1534–1548 (2020)

    Article  MATH  Google Scholar 

  32. Addanki, Iannone, L.: Moving a step forward in the quest for Deterministic Networks (DetNet). In: 2020 IFIP Networking Conference (Networking), pp. 458–466 (2020)

  33. Steen, H.: Ddestruction testing: ultra-low delay using dual queue coupled active queue management. Masters Thesis, Dept of Informatics, Uni Oslo (2017)

  34. Iyengar, J., Thomson, M.: QUIC: a UDP-based multiplexed and secure transport. Internet-Draft (draft-ietf-quic-transport-17). IETF (2019). https://datatracker.ietf.org/doc/html/draft-ietf-quic-transport-17

  35. McKeown, N., et al.: The network as a programmable platform: fertile new ground for networking research. SIGCOMM Technical session (2020)

Download references

Acknowledgements

This work is partially funded by the French ANR MOSAICO Project, No ANR-19-CE25-0012.

Funding

This study was funded by French ANR MOSAICO Project, No ANR-19-CE25-0012.

Author information

Authors and Affiliations

  1. LIST3N, Université de Technologie de Troyes, Troyes, France

    Marius Letourneau & Rémi Cogranne

  2. OCIF - IRISA (UMR CNRS 6074), IMT Atlantique, Rennes, France

    Guillaume Doyen

  3. Orange Innovation, Lannion, France

    Bertrand Mathieu

Authors
  1. Marius Letourneau
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Guillaume Doyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rémi Cogranne
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bertrand Mathieu
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All authors except BM reviewed the manuscript. ML wrote initial versions of every parts except Sect. 6.1, prepared every figures and collected every results, configured the testbed and developed every scripts and codes. GD has completed Sects. 1, 3 and 4, prepared Table 2, wrote Sect. 6.1. RC completed part 6 on PCA analysis and produced the initial script for PCA analysis. BM gave his expertise in L4S and networking configuration. He contributed to Sects. 1 and 2.

Corresponding author

Correspondence to Marius Letourneau.

Ethics declarations

Competing Interests

The authors declare no competing interests.

Ethical Approval

Yes.

Consent to Participate

Yes.

Consent for Publication

Yes.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix: Additionnal Infos on PCA

Appendix: Additionnal Infos on PCA

To complete the comprehension of PCA, we provide bar diagrams indicating to what extent each metrics is contributing to the two first components. Each principal component is a linear combination of the metrics whose weighted coefficient are depicted in ordinate (Fig. 12).

Fig. 12
figure 12

PCA of the router metrics with both a legitimate iperf3 flow and an malformed (unpaced) picoquic flow passing through the LL queue (router rate is set to 10 Mbps). Bar diragramm representations

Full size image

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Letourneau, M., Doyen, G., Cogranne, R. et al. A Comprehensive Characterization of Threats Targeting Low-Latency Services: The Case of L4S. J Netw Syst Manage 31, 19 (2023). https://doi.org/10.1007/s10922-022-09706-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10922-022-09706-z

Keywords

Search

Navigation