How can we protect the network infrastructure from malicious traffic, such as scanning, malicious code propagation, and distributed denial-of-service (DDoS) attacks? One mechanism for blocking malicious traffic is filtering: access control lists (ACLs) can ...
We revisit the problem of scaling software routers, motivated by recent advances in server technology that enable high-speed parallel processing---a feature router workloads appear ideally suited to exploit. We propose a software router architecture that p ...
In a significant class of sensor-network applications, the identities of the reporting sensors constitute the bulk of the communicated data, whereas the message itself can be as small as a single bit---for instance, in many cases, sensors are used to detec ...
In a bandwidth-flooding attack, compromised sources send high-volume traffic to the target with the purpose of causing congestion in its tail circuit and disrupting its legitimate communications. In this paper, we present Active Internet Traffic Filtering ...
Software routers can lead us from a network of special-purpose hardware routers to one of general-purpose extensible infrastructure--if, that is, they can scale to high speeds. We identify the challenges in achieving this scalability and propose a solution ...
The Internet provides no information on the fate of transmitted packets, and end systems cannot determine who is responsible for dropping or delaying their traffic. As a result, they cannot verify that their ISPs are honoring their service level agreements ...
