Abstract
New services with low-latency (LL) requirements are one of the major challenges for the envisioned Internet. Many optimizations targeting latency reduction have been proposed, and among them, jointly re-architecting congestion control and active queue management (AQM) has received particular attention. In this effort, the Low Latency, Low Loss and Scalable Throughput (L4S) proposal aims at allowing both Classic and LL traffic to cohabit within a single node architecture. Although this architecture sounds promising for latency improvement, it can be exploited by an attacker to perform malicious actions whose purpose is to defeat its LL feature and consequently make the applications it supports unusable. In this paper, we exploit different vulnerabilities of L4S which are the root of possible attacks, and we show that application-layer protocols such as QUIC can easily be hacked in order to exploit the over-sensitivity of those new services to network variations. By implementing such undesirable flows in a real testbed and characterizing how they impact the proper delivery of LL flows, we demonstrate that they are real and give insights into research directions for their detection.
Data Availability
Data and materials will be made available on the project’s website.
Code Availability
Will be provided on the project’s website.
Notes
Upon paper acceptance the dataset collected will be made available at https://www.mosaico-project.org.
Proportional Integral.
However, legitimate misbehaving flows should not be ignored and should be addressed by the networking community in further research.
Respectively H3ZERO_RESPONSE_MAX and PICOQUIC_FIRST_RESPONSE_MAX.
Acknowledgements
This work is partially funded by the French ANR MOSAICO Project, No ANR-19-CE25-0012.
Funding
This study was funded by French ANR MOSAICO Project, No ANR-19-CE25-0012.
Author information
Contributions
All authors except BM reviewed the manuscript. ML wrote the initial versions of every part except Sect. 6.1, prepared every figure and collected every result, configured the testbed and developed every script and code. GD completed Sects. 1, 3 and 4, prepared Table 2 and wrote Sect. 6.1. RC completed part 6 on PCA analysis and produced the initial script for PCA analysis. BM gave his expertise in L4S and networking configuration. He contributed to Sects. 1 and 2.
Ethics declarations
Competing Interests
The authors declare no competing interests.
Ethical Approval
Yes.
Consent to Participate
Yes.
Consent for Publication
Yes.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendix: Additional Infos on PCA
To complete the comprehension of PCA, we provide bar diagrams indicating to what extent each metric contributes to the first two components. Each principal component is a linear combination of the metrics, whose weighting coefficients are shown on the ordinate (Fig. 12).
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Letourneau, M., Doyen, G., Cogranne, R. et al. A Comprehensive Characterization of Threats Targeting Low-Latency Services: The Case of L4S. J Netw Syst Manage 31, 19 (2023). https://doi.org/10.1007/s10922-022-09706-z
DOI: https://doi.org/10.1007/s10922-022-09706-z