Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
off by default

Off by Default! Hitesh Ballani, Yatin Chawathe, Sylvia Ratnasamy, - PowerPoint PPT Presentation

Mar 08, 2023 •133 likes •773 views

Off by Default! Hitesh Ballani, Yatin Chawathe, Sylvia Ratnasamy, Timothy Roscoe, Scott Shenker HotNets-IV, 2005 Internet, then and now Internet, circa 1975 Trust in the ends Universal reachability Routability implies reachability

  1. Off by Default! Hitesh Ballani, Yatin Chawathe, Sylvia Ratnasamy, Timothy Roscoe, Scott Shenker HotNets-IV, 2005

  2. Internet, then and now Internet, circa 1975 ◮ Trust in the ends ⇒ Universal reachability ◮ Routability implies reachability ◮ “On” by default Internet, circa 2005 ◮ Less trust in the ends ◮ every host is vulnerable to any other host(s) ◮ Firewalls/NATs ◮ end-hosts are “Off”, the network is not ◮ ad-hoc and not universal

  3. Off by default!

  4. Turn it “Off” Reachability is “Off” by default ◮ Hosts turn “On” by explicitly telling the network

  5. Turn it “Off” Reachability is “Off” by default ◮ Hosts turn “On” by explicitly telling the network Issues ◮ What are the advantages? ◮ What are the assumptions? ◮ What are the incentives? ◮ . . .

  6. Is it even worth a thought? Design a Default-Off network Evaluate its feasibility

  7. Default-Off design Stub Network Def-Off Internet End-hosts are unreachable by defaultg g

  8. Default-Off design want to be reachable Stub Network Def-Off Internet End-hosts signal their intent to turn “On” g g

  9. Default-Off design Reachability protocol Stub Network Def-Off Internet g Reachability protocol propagates this intent into the network as Reachability Advertisements g

  10. Default-Off design Reachability protocol Stub Network Def-Off Internet Na¨ ıve Approach (not feasible) Routers maintain exact reachability state for all hosts Instantaneous propagation of advertisements

  11. Default-Off design Reachability protocol Stub Network Def-Off Internet Challenges Router State Reachability dynamics

  12. Reachability Protocol Reachability overlaid on Routing ◮ Inherit routing trust relationships ◮ Reachability events � Route recalculation

  13. Reachability Protocol Reachability overlaid on Routing ◮ Inherit routing trust relationships ◮ Reachability events � Route recalculation Routing protocol Stub Network Def-Off Internet

  14. Reachability Protocol Reachability overlaid on Routing ◮ Inherit routing trust relationships ◮ Reachability events � Route recalculation Routing protocol Reachability protocol Stub Network Def-Off Internet

  15. Reachability Protocol Reachability overlaid on Routing ◮ Inherit routing trust relationships ◮ Reachability events � Route recalculation Routing protocol Reachability protocol Stub Network Def-Off Internet Periodic reachability exchanges between domains ◮ Load due to dynamics Vs Turn-“On” time

  16. Reachability Advertisements Flexibility : allow for evolution

  17. Reachability Advertisements Flexibility : allow for evolution Who? What? When? How much?

  18. Reachability Advertisements Flexibility : allow for evolution Who? What? When? How much? Reachability Advertisement [ prefix, length,RC ... ,scope ]

  19. Reachability Advertisements Flexibility : allow for evolution Who? What? When? How much? Reachability Advertisement [ prefix, length,RC ... ,scope ] The host whose reachability this advertisement describes

  20. Reachability Advertisements Flexibility : allow for evolution Who? What? When? How much? Reachability Advertisement [ prefix, length,RC ... ,scope ] list of constraints, for eg. 1. on to all [ Dst IP, Dst Port, Proto ] 2. on to one [ Dst IP, Dst Port, Proto, Src IP ]

  21. Reachability Advertisements Flexibility : allow for evolution Who? What? When? How much? Reachability Advertisement [ prefix, length,RC ... ,scope ] Avoids needless propagation of state For eg. Limit advertisement in terms of AS Hops, Set of AS’es, ....

  22. Router State : “Off” hosts “Off” hosts do not incur state

  23. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host)

  24. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host) A|B Q S P Server/Peer B R Client A g(“Off” host A wants to communicate with “On” host B (A | B)(

  25. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host) A|B PA|B Q S P Server/Peer B R Client A g(Host B is “On” so domain P forwards it; but also adds itself into the source (PA)g(

  26. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host) QPA|B A|B PA|B Q S P Server/Peer B R Client A g(At the egress of domain Q, Q is added to the source (QPA)g(

  27. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host) QPA|B RQPA|B A|B PA|B Q S P Server/Peer B R Client A g(Host B can use the path (RQPA) to get to “Off” host Ag(

  28. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host) QPA|B RQPA|B A|B PA|B Q S P Server/Peer B R Client A B|RQPA B|QPA B|RQPA B|PA g(Destination field is stripped off, source field accumulates the pathg(

  29. Router State : “Off” hosts “Off” hosts do not incur state ◮ Clients are “Off” [Handley FDNA’04] ◮ “Off” hosts accessed using path-based addresses (address gives path back to the “Off” host) QPA|B RQPA|B A|B PA|B Q S P Server/Peer B R Client A B|RQPA B|QPA B|RQPA B|PA g(Issues and advantages associated with path-based addresses(

  30. Router State : “On” hosts Routers don’t keep exact reachability state

  31. Router State : “On” hosts Routers don’t keep exact reachability state ◮ Aggregation according to router memory RA1 RA2 [ prefix, length,RC ... ,scope ] [ prefix, length,RC ... ,scope ] classic prefix Union aggregation Aggregated Advertisement [ prefix, length,RC ... ,scope ]

  32. Router State : “On” hosts Routers don’t keep exact reachability state ◮ Aggregation according to router memory ◮ Introduces false-positives ◮ Default-Off offers best-effort protection to “Off” hosts Increasing Protection Increasing Aggregation

  33. How effective is Default-Off at limiting unwanted traffic?

  34. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available

  35. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available ISP C ISP B Stub A hosts x "on" ISP D

  36. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available Reachability Advertisements (thickness is amount of state) ISP C ISP B Stub A hosts x "on" ISP D

  37. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available Packet for "off" host ISP C ISP B Stub A hosts x "on" ISP D

  38. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available Packet for Blocked 2 AS hops "off" host X from DST ISP C ISP B Stub A hosts x "on" ISP D

  39. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available Packet for "off" host Blocked 1 AS hop ISP C from DST X ISP B Stub A hosts x "on" ISP D

  40. Feasibility : Router State Simulated Default-Off operation ◮ AS-level internet topology [Subramanian ’05] ◮ 200,000 routable prefixes [Route-Views ’05] Parameters of interest ◮ H - hosts per prefix that are “On” ◮ T - amount of router memory available Packet for "off" host Blocked 0 AS hop ISP C from DST X ISP B Stub A hosts x "on" ISP D

Recommend

Credit Default Swaps Pamela Heijmans Matthew Hays Adoito Haroon Credit Default Swaps

Credit Default Swaps Pamela Heijmans Matthew Hays Adoito Haroon Credit Default Swaps

Credit Default Swaps Pamela Heijmans Matthew Hays Adoito Haroon Credit Default Swaps Definition A credit default swap (CDS) is a kind of insurance against credit risk Privately negotiated bilateral contract Reference Obligation,

1.12k views • 42 slides
Security By Default A Comparative Security Evaluation of Default Configurations Bernardus A.

Security By Default A Comparative Security Evaluation of Default Configurations Bernardus A.

Security By Default A Comparative Security Evaluation of Default Configurations Bernardus A. Jansen, BSc MSc System and Network Engineering Universiteit van Amsterdam July 3, 2018 B.A. Jansen, BSc (UvA) Security By Default July 3, 2018 1 /

292 views • 15 slides
Debt and Default Costas Arkolakis teaching fellow: Federico Esposito Economics 407, Yale

Debt and Default Costas Arkolakis teaching fellow: Federico Esposito Economics 407, Yale

Debt and Default Costas Arkolakis teaching fellow: Federico Esposito Economics 407, Yale February 2014 Outline Sovereign debt and default A brief history of default episodes A Simple Model of Default Managing Sovereign Debt

777 views • 51 slides
Sovereign Debt and Default Costas Arkolakis Teaching fellow: Federico Esposito Economics 407,

Sovereign Debt and Default Costas Arkolakis Teaching fellow: Federico Esposito Economics 407,

Sovereign Debt and Default Costas Arkolakis Teaching fellow: Federico Esposito Economics 407, Yale February 2014 Outline Sovereign debt and default A brief history of default episodes A Simple Model of Default Managing Sovereign

682 views • 54 slides
Default Methods in Rust Michael Sullivan August 14, 2013 1 / 30 Introduction Rust Fixing

Default Methods in Rust Michael Sullivan August 14, 2013 1 / 30 Introduction Rust Fixing

Introduction Rust Fixing Default Trait Methods Other Conclusion Default Methods in Rust Michael Sullivan August 14, 2013 1 / 30 Introduction Rust Fixing Default Trait Methods Other Conclusion Outline Introduction Rust Fixing Default

911 views • 58 slides
ICTP_011_03142012 Page 1 of 6 ProductivI.T.y tip 82_(PowerPoint): Create a Default Presentation

ICTP_011_03142012 Page 1 of 6 ProductivI.T.y tip 82_(PowerPoint): Create a Default Presentation

ICTP_011_03142012 Page 1 of 6 ProductivI.T.y tip 82_(PowerPoint): Create a Default Presentation Template_03142012 Create a Default Presentation Template Before you start making any changes, you should make a copy of the original default

206 views • 6 slides
Loss Given Default as a Function of the Default Rate Moody's Risk Practitioner Conference

Loss Given Default as a Function of the Default Rate Moody's Risk Practitioner Conference

Loss Given Default as a Function of the Default Rate Moody's Risk Practitioner Conference Chicago, October 17, 2012 Jon Frye Senior Economist Federal Reserve Bank of Chicago Any views expressed are the author's and do not necessarily

571 views • 31 slides
A Default Logic Patch for Default Logic { ECSQARU09 Verona, Italy July 1-3, 2009 }

A Default Logic Patch for Default Logic { ECSQARU09 Verona, Italy July 1-3, 2009 }

A Default Logic Patch for Default Logic { ECSQARU09 Verona, Italy July 1-3, 2009 } Ph. Besnard 1 egoire 2 E. Gr S. Ramon 2 1 IRIT CNRS UMR 5505 Toulouse, France 2 Universit e dArtois CRIL CNRS UMR 8188 Lens, France A

672 views • 47 slides
Corporate Yield Spreads: Default Risk or Liquidity? New Evidence from the Credit Default Swap

Corporate Yield Spreads: Default Risk or Liquidity? New Evidence from the Credit Default Swap

Corporate Yield Spreads: Default Risk or Liquidity? New Evidence from the Credit Default Swap Market Professor Francis Longstaff UCLA/Anderson School Introduction How are corporate bonds priced in the market? In theory, corporate

783 views • 28 slides
Hedging Default Risks of CDOs in Markovian Hedging Default Risks of CDOs in Markovian Contagion

Hedging Default Risks of CDOs in Markovian Hedging Default Risks of CDOs in Markovian Contagion

Hedging Default Risks of CDOs in Markovian Hedging Default Risks of CDOs in Markovian Contagion Models Contagion Models Second Princeton Credit Risk Conference 24 May 2008 Jean-Paul LAURENT ISFA Actuarial School, University of Lyon,

576 views • 44 slides
Moving Up & Moving Off Off Campus Living 2019 Opening Video Part 1: Deciding to go off

Moving Up & Moving Off Off Campus Living 2019 Opening Video Part 1: Deciding to go off

Moving Up & Moving Off Off Campus Living 2019 Opening Video Part 1: Deciding to go off campus Overview Part 2: Choosing an apartment/house Part 3: Signing the Lease Part 1: Considerations for Moving Off Campus Where DO I start??

772 views • 39 slides
Using Off-Path and On-Path Signaling for Internet Security Saikat Guha, Paul Francis Cornell

Using Off-Path and On-Path Signaling for Internet Security Saikat Guha, Paul Francis Cornell

Using Off-Path and On-Path Signaling for Internet Security Saikat Guha, Paul Francis Cornell University IETF 66 Off-path BoF Guha and Francis Using Off-path and On-Path Signaling for Internet Security Architecture Default-Off Data-Path

651 views • 15 slides
Consumer Debt and Default Michle Tertilt (University of Mannheim) YJ Award Lecture, December

Consumer Debt and Default Michle Tertilt (University of Mannheim) YJ Award Lecture, December

Consumer Debt and Default Michle Tertilt (University of Mannheim) YJ Award Lecture, December 2017 Debt and Default over Time 10 filings per 1000 9 revolving credit 8 credit card charge-off rate 7 6 5 4 3 2 1 0 1970 1975 1980

846 views • 39 slides
= Pull- -Off Force Off Force JKR Pull- -Off Off Pull Pull 2 0 . 6 / F W d F

= Pull- -Off Force Off Force JKR Pull- -Off Off Pull Pull 2 0 . 6 / F W d F

! van ! van der der Waals Waals/Pull /Pull- -off Force for off Force for Rough Surfaces Rough Surfaces ! Rolling and Sliding Removal of ! Rolling and Sliding Removal of Rough Particles Rough Particles ! Hydrodynamic Forces and Torque !

324 views • 6 slides
Basics of Off-Camera Flash Off-Camera Flash www.jedi.com * What is it & why do we use it? *

Basics of Off-Camera Flash Off-Camera Flash www.jedi.com * What is it & why do we use it? *

Basics of Off-Camera Flash Off-Camera Flash www.jedi.com * What is it & why do we use it? * Bouncing on-camera flash to emulate off-camera light * True off-camera flash * Basic examples * Trigger mechanisms * Controlling the amount of

160 views • 11 slides
Sometimes I read the sayings of Jesus and I am taken aback! Sometimes I read the sayings of

Sometimes I read the sayings of Jesus and I am taken aback! Sometimes I read the sayings of

Sometimes I read the sayings of Jesus and I am taken aback! Sometimes I read the sayings of Jesus and I am taken aback! Off track Off track Off track Authenticity Off track Authenticity Off track Authenticity Off track And as for

859 views • 83 slides
The Enhanced Role of the U.S. Securities and Exchange Commission: An analysis of investigations

The Enhanced Role of the U.S. Securities and Exchange Commission: An analysis of investigations

Panel 2A The Enhanced Role of the U.S. Securities and Exchange Commission: An analysis of investigations in 2015, asset freezes, coordination with USCIS, notices to terminate Regional Centers, and other related issues John Tishler, Sheppard

412 views • 12 slides
MATH 12002 - CALCULUS I 2.3, 2.4, and 2.5: Computing Derivatives (Part 2) Professor

MATH 12002 - CALCULUS I 2.3, 2.4, and 2.5: Computing Derivatives (Part 2) Professor

MATH 12002 - CALCULUS I 2.3, 2.4, and 2.5: Computing Derivatives (Part 2) Professor Donald L. White Department of Mathematical Sciences Kent State University D.L. White (Kent State University) 1 / 12 Derivatives 10 f ( x ) = sin( x 2

331 views • 12 slides
FLEET: Flexible Efficient Ensemble Training for Heterogenous Deep Neural Networks Hui Guan,

FLEET: Flexible Efficient Ensemble Training for Heterogenous Deep Neural Networks Hui Guan,

FLEET: Flexible Efficient Ensemble Training for Heterogenous Deep Neural Networks Hui Guan, Laxmikant Kishor Mokadam, Xipeng Shen, Seung-Hwan Lim, Robert Patton 1 Build an image classifier? Deep Neural Network (DNN) CPU GPU Training

962 views • 41 slides
SEC Comments Summary 2013 Disclaimer The information conveyed in the following presentation

SEC Comments Summary 2013 Disclaimer The information conveyed in the following presentation

H o u s t o n D e n v e r C a l g a r y SEC Comments Summary 2013 Disclaimer The information conveyed in the following presentation represents informed opinions about certain laws, regulations and interpretations but should not be

596 views • 29 slides
Hierarchical Task Network (HTN) Planning Section 12.2 Sec. 12.2 p.1/23 Outline Primitive

Hierarchical Task Network (HTN) Planning Section 12.2 Sec. 12.2 p.1/23 Outline Primitive

Hierarchical Task Network (HTN) Planning Section 12.2 Sec. 12.2 p.1/23 Outline Primitive vs. non-primitive operators Example HTN planning algorithm Practical planners Additional references used for the slides: desJardins , M. (2001).

252 views • 23 slides
Proving Confidentiality in a File System Using DiskSec (Poster #2) OSDI 18 Atalay Mert

Proving Confidentiality in a File System Using DiskSec (Poster #2) OSDI 18 Atalay Mert

Proving Confidentiality in a File System Using DiskSec (Poster #2) OSDI 18 Atalay Mert leri, Tej Chajed, Adam Chlipala, Frans Kaashoek, Nickolai Zeldovich MIT CSAIL Storage Systems Contain Confidential Data Users rely on the storage

796 views • 24 slides
Algorithms in HElib Shai Halevi and Victor Shoup http://eprint.iacr.org/2014/106 Whats HElib?

Algorithms in HElib Shai Halevi and Victor Shoup http://eprint.iacr.org/2014/106 Whats HElib?

Algorithms in HElib Shai Halevi and Victor Shoup http://eprint.iacr.org/2014/106 Whats HElib? A software library implementation of homomorphic encryption (HE) Implements the ring-LWE variant of [BGV12] Written in C++, uses NTL for

604 views • 8 slides
Run-Time Composite Event Recognition Alexander Artikis, Marek Sergot and George Paliouras

Run-Time Composite Event Recognition Alexander Artikis, Marek Sergot and George Paliouras

Run-Time Composite Event Recognition Alexander Artikis, Marek Sergot and George Paliouras Institute of Informatics & Telecommunications, NCSR Demokritos, Greece Department of Computing, Imperial College London, UK

480 views • 25 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.