The Center for Education and Research in Information Assurance and Security (CERIAS)

On detecting service violations and bandwidth theft in QoS network domains

Author

Ahsan Habib, Sonia Fahmy, Srinivas R. Avasarala, Venkatesh Prabhakar, Bharat Bhargava

Entry type

article

Abstract

We design and evaluate a simple and scalable system to verify quality of service (QoS) in a differentiated services domain. The system uses a distributed edge-to-edge monitoring approach with measurement agents collecting information about delays, losses and throughput, and reporting to a service level agreement monitor (SLAM). The SLAM detects potential service violations, bandwidth theft, denial of service attacks, and flags the need to re-dimension the network domain or limit its users. Measurements may be performed entirely edge-to-edge, or the core routers may participate in logging packet drop information. We compare the core-assisted and edge-to-edge schemes, and we extend network tomography-based loss inference mechanisms to cope with different drop precedences in a QoS network. We also develop a load-based service monitoring scheme which probes the appropriate edge routers for loss and throughput on demand. Simulation results indicate that the system detects attacks with reasonable accuracy, and is useful for damage control in both QoS-enabled and best effort network domains.

Date

2002-05-20

Journal

Computer Communications

Key alpha

Fahmy

Pages

861-871

Publisher

Elsevier Science B.V.

Volume

26

Publication Date

2002-05-20

Copyright

2002

BibTeX-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTeX document. Note that the text may not contain all macros that BibTeX supports.