{"title":"Robust heuristics: attacks and defenses for job size estimation in WSJF systems","authors":"Erica Chiang, Nirav Atre, Hugo Sadok","doi":"10.1145/3546037.3546062","DOIUrl":null,"url":null,"abstract":"Packet scheduling algorithms control the order in which a system serves network packets, which can have significant impact on system performance. Many systems rely on Shortest Job First (SJF), an important packet scheduling algorithm with many desirable properties. Classic results [3] show that SJF provably minimizes average job completion time, and recent work [1] shows that a variant of SJF also protects systems against algorithmic complexity attacks (ACAs), a particularly dangerous class of Denial-of-Service (DoS) attacks [4]. In an ACA, an adversary exploits the worst-case behavior of an algorithm in order to induce a large amount of work in the target system, causing a significant drop in goodput despite using only a small amount of attack bandwidth. SurgeProtector [1] demonstrated that using Weighted SJF (WSJF) - scheduling packets by the ratio of job size to packet size - significantly mitigates the impact of ACAs on any networked system.","PeriodicalId":351682,"journal":{"name":"Proceedings of the SIGCOMM '22 Poster and Demo Sessions","volume":"318 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the SIGCOMM '22 Poster and Demo Sessions","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3546037.3546062","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Packet scheduling algorithms control the order in which a system serves network packets, which can have significant impact on system performance. Many systems rely on Shortest Job First (SJF), an important packet scheduling algorithm with many desirable properties. Classic results [3] show that SJF provably minimizes average job completion time, and recent work [1] shows that a variant of SJF also protects systems against algorithmic complexity attacks (ACAs), a particularly dangerous class of Denial-of-Service (DoS) attacks [4]. In an ACA, an adversary exploits the worst-case behavior of an algorithm in order to induce a large amount of work in the target system, causing a significant drop in goodput despite using only a small amount of attack bandwidth. SurgeProtector [1] demonstrated that using Weighted SJF (WSJF) - scheduling packets by the ratio of job size to packet size - significantly mitigates the impact of ACAs on any networked system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
