{"id":2021,"date":"2010-07-28T14:34:27","date_gmt":"2010-07-28T14:34:27","guid":{"rendered":"http:\/\/meeseeks:5080\/blog\/?p=2021"},"modified":"2010-07-28T14:34:27","modified_gmt":"2010-07-28T14:34:27","slug":"by-their-voice-ye-shall-know-them","status":"publish","type":"post","link":"https:\/\/vukutu.com\/blog\/2010\/07\/by-their-voice-ye-shall-know-them\/","title":{"rendered":"By their voice ye shall know them"},"content":{"rendered":"<p>Effective strategies are often counter-intuitive.\u00a0 If you are speaking to a large group, some\u00a0of whom are speaking to each other, your natural tendency will be to try to speak over them, to speak more loudly.\u00a0 But doing\u00a0this\u00a0just encourages the talkers in the audience to increase <em>their<\/em> levels of speech, and so\u00a0an arms race results.\u00a0\u00a0 Better for you to speak more softly, which means that audience talkers can hear themselves more clearly over you, and so typically, and\u00a0unthinkingly, drop the levels of their own speech.<br \/>\nA recent issue of <em>ACM Transactions on Computer Systems <\/em>(ACM TOCS) carries a paper with a wonderful example of this principle.\u00a0 Faced with a denial-of-service attack, they propose that a server ask all its clients to <em>increase<\/em> their messages to the server.\u00a0 Most likely, attackers among the clients\u00a0are already transmitting at their local full capacity, and so are unable to do this, which means that messages from attackers will form a decreasing proportion of all messages received by the server.\u00a0\u00a0 The paper abstract is:<\/p>\n<blockquote><p>This article presents the design, implementation, analysis, and experimental evaluation of <em>speak-up<\/em>, a defense against <em>application-level<\/em> distributed denial-of-service (DDoS), in which attackers cripple a server by sending legitimate-looking requests that consume computational resources (e.g., CPU cycles, disk). With speak-up, a victimized server encourages all clients, resources permitting, <em>to automatically send higher volumes of traffic<\/em>. We suppose that attackers are already using most of their upload bandwidth so cannot react to the encouragement. Good clients, however, have spare upload bandwidth so can react to the encouragement with drastically higher volumes of traffic. The intended outcome of this traffic inflation is that the good clients crowd out the bad ones, thereby capturing a much larger fraction of the server&#8217;s resources than before. We experiment under various conditions and find that speak-up causes the server to spend resources on a group of clients in rough proportion to their aggregate upload bandwidths, which is the intended result.<\/p><\/blockquote>\n<p><em>Reference:<\/em><br \/>\nMichael Walfish, Mythili Vukurutu, Hari Balakrishnan, David Karger and Scott Shenker [2010]:\u00a0 DDoS defense by offense.\u00a0 <em>ACM Transactions on Computer Systems, <\/em>28 (1), article 3.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Effective strategies are often counter-intuitive.\u00a0 If you are speaking to a large group, some\u00a0of whom are speaking to each other, your natural tendency will be to try to speak over them, to speak more loudly.\u00a0 But doing\u00a0this\u00a0just encourages the talkers in the audience to increase their levels of speech, and so\u00a0an arms race results.\u00a0\u00a0 Better [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14,15],"tags":[],"class_list":["post-2021","post","type-post","status-publish","format-standard","hentry","category-computer-science","category-computer-technology","category-computing-as-interaction","p1","y2010","m07","d28","h14"],"_links":{"self":[{"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/posts\/2021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/comments?post=2021"}],"version-history":[{"count":0,"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/posts\/2021\/revisions"}],"wp:attachment":[{"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/media?parent=2021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/categories?post=2021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vukutu.com\/blog\/wp-json\/wp\/v2\/tags?post=2021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}