Ashraf Matrawy

Carleton University

Mitigation of Network Denial of Service through Diversity-based Traffic 
Management

We investigate the mitigation 
of Network Denial-of-Service (NDoS) through a new traffic management 
technique. Based on the assumption that disruptive traffic (being 
malicious or not) has some similarity, we design a classification 
technique that clusters packets based on the similarity of their 
contents (both headers and payloads) using a variation of n-grams, 
which we call (p,n)-grams.  We allocate bandwidth limits to 
each of these clusters using an adaptive traffic management technique.  
Our design intent is that excessive bandwidth consumers (e.g. UDP worms, 
flash crowds) are segregated so that they cannot consume bandwidth 
to the exclusion of other network traffic.  Because this strategy 
increases the packet drop rate experienced by sets of similar flows and 
thus reduces the relative drop rate of other, dissimilar flows, we 
characterize this strategy as diversity-based traffic management.  The 
approach will be explained at a high level with results of some 
preliminary experiments.