Ao-Jan Su and Aleksandar Kuzmanovic Department of EECS Northwestern University Thinning Akamai USENIX/ACM SIGCOMM IMC ’08

Motivation

● >50% of online users would leave and never come back to a streaming site when streaming quality is bad (Akamai’s user study ’07)

Akamai’s Streaming Architecture

Entry Points

Reflectors

Edge Servers

Can we degrade service to large-scale streaming networks?

DNS-based Load Balancing

● DNS-based load balancing is used at both the edge and reflector levels

[Diagram: Global Monitoring Infrastructure, Edge Server 1, Edge Server 2, DNS Server; arrow labels: feedback, update, new edge server IP]

Web vs. Streaming

● Web
  ■ Insensitive to bandwidth and latency
  ■ Short-lived connections
    − Server load quickly goes away

● Streaming
  ■ Sensitive to bandwidth, jitter, and packet loss
  ■ Long-lived connections
    − Clients connect to a streaming server for minutes/hours

Is DNS-based load balancing resilient to DoS attacks for streaming service?

Slow Load Balancing Experiment

Redirection Time Scales

Minimum redirection time is 20 seconds

Is minimum redirection time scale small enough for streaming?

Slow Load Balancing Result

[Figure annotations: start probing machines; edge server becomes overloaded; DNS updated, stop probing machines; throughput recovers]

DNS-based system is too slow to react to overloaded conditions
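
The result above, as an added toy model that is not part of the original slides: DNS redirection only steers new connections, so sessions already established keep an overloaded edge server busy until they end. The 20-second redirection time is the figure from the slides; the session lengths, arrival rates and capacity are constructed assumptions.

```python
"""Toy model: how long one edge server stays overloaded when the only
remedy is a DNS update. Everything except the 20 s figure is constructed."""

MIN_REDIRECT_S = 20  # minimum redirection time reported on the slides


def simulate(session_s, arrivals_per_s, capacity,
             redirect_s=MIN_REDIRECT_S, horizon_s=7200):
    """Step one edge server second by second.

    Clients arrive at a fixed rate and each holds a session for session_s
    seconds. Once load first exceeds capacity, DNS stops sending new clients
    redirect_s seconds later. Established sessions are never moved, and the
    model does not send clients back after the server drains.
    Returns (seconds spent over capacity, peak concurrent sessions).
    """
    expiries = {}      # second -> number of sessions that end at that second
    active = 0
    switch_at = None   # second at which DNS stops steering clients here
    overloaded = 0
    peak = 0
    for t in range(horizon_s):
        active -= expiries.pop(t, 0)
        if switch_at is None or t < switch_at:
            active += arrivals_per_s
            end = t + session_s
            expiries[end] = expiries.get(end, 0) + arrivals_per_s
        peak = max(peak, active)
        if active > capacity:
            overloaded += 1
            if switch_at is None:
                switch_at = t + redirect_s
    return overloaded, peak


if __name__ == "__main__":
    # Constructed workloads that both peak at 120 sessions against capacity 100.
    web = simulate(session_s=2, arrivals_per_s=60, capacity=100)
    streaming = simulate(session_s=1800, arrivals_per_s=1, capacity=100)
    print("web       (2 s sessions):    over capacity %d s, peak %d" % web)
    print("streaming (30 min sessions): over capacity %d s, peak %d" % streaming)
```

With the same peak load, the short-lived workload recovers as soon as DNS switches, while the long-lived one stays over capacity for roughly a full session lifetime, which is why admission control at the edge matters more for streaming than faster DNS updates alone.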

No-isolation Experiment

[Diagram labels: Pay per View VoD Movie; Live Video (×5)]

Service Overlapping

Would different streaming services interfere with each other?

25% of nodes observe overlap ratio > 0.5

No-isolation Experiment (Live vs. VoD)

[Figure annotations: start probing machines; edge server becomes overloaded; edge server attempts to refill client’s buffer; DNS updated, stop probing machines]

No-isolation makes it possible to DoS Video-on-Demand service by live streaming

Reflector-level Experiments

Facts:
- Akamai gathers streams from different customers into channels
- Streams from the same region and the same channel map to the same reflector

Issue: How to attack reflectors?
Challenge: Information about reflectors not publicly available
Approach: Use edge servers as proxies

Need mapping between edge servers and reflectors

[Diagram label: Customers]

Amplification Experiment

Big edge server clusters are vulnerable to amplification attacks

Can we attack reflectors by using edge servers as proxies?

Amplification Experiment

[Figure annotations: start probing machines; bottleneck observed, stop probing machines; service degradation at similar pace; throughput recovery]

It is possible to attack reflectors by using edge servers as “proxies”

Existing Countermeasures

● Stream replication
  ■ Wastes bandwidth

● Resource-based admission control
  ■ Can’t solve network or reflector bottlenecks

● Solving puzzles
  ■ Undermines Akamai’s service transparency

Our approaches

● Location-aware admission control

Our approaches (Cont.)

● Reducing system transparency
  ■ Shielding administrative information
    − Keep state at edge servers
  ■ Shielding vincible IP addresses
    − Virtual IP addresses

● Key issue:
  ■ Tradeoff between transparency and DoS resiliency

Conclusions

● Large-scale, DNS-based load balancing systems are known to be resilient to attacks. However, this is not exactly true in the case of streaming

● Identify vulnerabilities of DNS-based streaming service
  ■ Slow load balancing
  ■ No isolation
  ■ Amplification attacks

● Provide countermeasures to raise the bar for attackers

Thank you!

Backup Slides

Methodology

● Protocol: Windows Media Server (mms)
  ■ Modify MiMMS software

● Setup:
  ■ Observers & experimental machines

● Collect 1400 unique live streams
  ■ Assign 200 streams each to 7 experimental machines

● Bypass DNS redirections
  ■ Directly connect to edge server

● Abort experiment immediately when we observe bottleneck conditions

Migration