COPS: Quality of Service vs. Any Service at All
Todays networks are awash in illegitimate traffic: port scans, propagating worms, and illegal peer-to-peer transfers of materials . This “noise” has created such a crescendo that legitimate traffic is starved for network resources. Essential network services, like DNS and remote file systems, are rendered unavailable. The challenge is no longer “quality of service” but rather “any service at all”. Techniques must be developed to identify and segregate traffic into good, bad, and suspicious classes. Quality of Service should now protect the good, block the bad, and slow the ugly when the network is under stress of high resource utilization. We discuss the research challenges and outline a possible architectural approach: COPS (Checking, Observing, and Protecting Services). It is founded on “Inspection-and-Action Boxes” (iBoxes) and packet annotations. The former are middlebox network elements able to inspect packets deeply while performing filtering, shaping, and labelling actions upon them. The latter is a new layer between routing and transport that tags packets for control purposes while also providing an in-band control plane for managing iBoxes across a network.
Unable to display preview. Download preview PDF.
- 2.RFC 2998 A Framework for Integrated Services Operation over Diffserv NetworksGoogle Scholar
- 3.Personal Communication. Berkeley IS&T Staff (August 2004)Google Scholar
- 4.Personal Communication. Berkeley EECS Network Administrators (February 2005)Google Scholar
- 5.Fox, A., Patterson, D.: Self-repairing computers. In: Scientific American (June 2003)Google Scholar
- 6.Galis, A., Denazis, S., Brou, C., Klein, C. (eds.): Programmable Networks for IP Service Deployment. Artech House Publishers, London (2004)Google Scholar
- 7.Kohler, E., Morris, R., Chen, B., Jannotti, J., Kaashoek, M.F.: The click modular router. In: ACM Transactions on Computer Systems, November 2000, vol. 18 (2000)Google Scholar
- 8.Pang, R., Yegneswaran, V., Barford, P., Paxson, V., Peterson, L.: Characteristics of internet background radiation. In: ACM Internet Measurement Conference, Taormina, Sicily (October 2004)Google Scholar
- 9.Stemm, M., Seshan, S., Katz, R.H.: A network measurement architecture for adaptive applications. In: IEEE Infocomm 2000 Conference, Tel Aviv, Israel (March 2000)Google Scholar
- 10.Stoica, I., Zhang, H., Shenker, S.: Self-verifying CSFQ. In: Proceedings of INFOCOM 2002, New York, June 2002, pp. 21–30 (2002)Google Scholar
- 11.Subramanian, L., Roth, V., Stoica, I., Katz, R.H., Shenker, S.: Listen and whisper: Security mechanisms for BGP. In: USENIX/ACM Symposium on Networked System Design and Implementation (NSDI 2004), San Francisco, CA (March 2004)Google Scholar
- 12.Tennenhouse, D.L., Wetherall, D.J.: Towards an active network architecture. In: Computer Communications Review, April 1996, vol. 26 (1996)Google Scholar
- 13.Tsai, M.: The Design and Implementation of RouterVM. PhD thesis, U. C. Berkeley (Expected) (August 2005)Google Scholar
- 14.Zheng, A.X., Jordan, M.I., Liblit, B., Aiken, A.: Statistical debugging of sampled programs. In: Advances in Neural Information Processing Systems, NIPS (2003)Google Scholar