Skip to main content
SpringerLink
Log in

On the Security of Bottleneck Bandwidth Estimation Techniques

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2009)

Abstract

Several wide-area services are increasingly relying on bottleneck bandwidth estimation tools to enhance their network performance. Selfish hosts have, therefore, considerable incentives to fake their bandwidths in order to increase their benefit in the network. In this paper, we address this problem and we investigate the vulnerabilities of current bottleneck bandwidth estimation techniques in adversarial settings. We show that finding “full-fledged” solutions for the multitude of attacks on the end-to-end bandwidth estimation process might not be feasible in the absence of trusted network components; we discuss solutions that make use of such trusted components. Nevertheless, we discuss other possible solutions that alleviate these threats without requiring trusted infrastructure support and we evaluate the effectiveness of our proposals on PlanetLab nodes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ratnasamy, S., McCanne, S.: Inference of Multicast Routing Tree Topologies and Bottleneck Bandwidths using End-to-end Measurements. In: Proceedings of IEEE INFOCOM (1999)

    Google Scholar 

  2. Schiely, M., Renfer, L., Felber, P.: Self-Organization in Cooperative Content Distribution Networks. In: Proceedings of NCA (2005)

    Google Scholar 

  3. Saroiu, S., Gummadi, P., Gribble, S.: A Measurement Study of Peer-to-Peer File Sharing Systems. In: MMCN (2002)

    Google Scholar 

  4. Lai, K., Baker, M.: Nettimer: A Tool for Measuring Bottleneck Link Bandwidth. In: USITS (2001)

    Google Scholar 

  5. Jocobson, V.: Pathchar (1997), http://www.caida.org/tools/taxonomy/perftaxonomy.xml#pathchar

  6. Math, B.: pchar (1999), http://www.caida.org/tools/taxonomy/perftaxonomy.xml#pchar

  7. Clink: a tool for estimating Internet link characteristics, http://allendowney.com/research/clink/

  8. Carter, R.: Cprobe and bprobe Tools (1996), http://cs-people.bu.edu/carter/tools/Tools.html

  9. Dovrolis, C.: pathrate (2001), http://www.cis.udel.edu/~dovrolis/bwmeter.html

  10. Sariou, S., Gummadi, P., Gribble, S.: SProbe: A Fast Technique for Measuring Bottleneck Bandwidth in Uncooperative Environments. In: Proceedings of INFOCOM (2002)

    Google Scholar 

  11. Lai, K., Baker, M.: Measuring Link Bandwidths Using a Deterministic Model of Packet Delays. In: ACM SIGCOMM (2000)

    Google Scholar 

  12. KaZaA, http://www.kazaa.com/

  13. Strauss, J., Katabi, D., Kaashoek, F.: A Measurement Study of Available Bandwidth Estimation Tools. In: IMC (2003)

    Google Scholar 

  14. Hu, N., Li, L., Mao, Z., Steenkiste, P., Wang, J.: A Measurement Study of Internet Bottlenecks. In: Proceedings of INFOCOM (2005)

    Google Scholar 

  15. BitTorrent, http://www.bittorrent.org/protocol.html

  16. Carter, R., Crovella, M.: Measuring Bottleneck Link Speed in Packet-Switched Networks. In: Performance Evaluation (1996)

    Google Scholar 

  17. Dovrolis, C., Ramanathan, P., Moore, D.: What do packet dispersion techniques measure? In: Proceedings of INFOCOM (2001)

    Google Scholar 

  18. Prasad, R., Dovrolis, C., Murray, M., Claffy, K.: Bandwidth estimation: metrics, measurement techniques, and tools. IEEE Network (2003)

    Google Scholar 

  19. Revealed, the Internet’s Biggest Security Hole, http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html

  20. More on BGP Attacks, http://blog.wired.com/27bstroke6/2008/08/how-to-intercep.html

  21. Speed Comparison of Popular Crypto Algorithms, http://www.cryptopp.com/benchmarks.html

  22. Walters, A., Zage, D., Nita-Rotaru, C.: A Framework for Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Unstructured Multicast Overlay Networks. ACM/IEEE Transactions on Networking (2007)

    Google Scholar 

  23. Soule, A., Salamatian, K., Taft, N.: Combining Filtering and Statistical Methods for Anomaly Detection. In: Proceedings of IMC (2005)

    Google Scholar 

  24. Snader, R., Borisov, N.: EigenSpeed: Secure Peer-to-peer Bandwidth Evaluation. In: Proceedings of IPTPS (2009)

    Google Scholar 

  25. Savage, S., Cardwell, N., Wetherall, D., Anderson, T.: TCP Congestion Control with a Misbehaving Receiver. Computer Communication Review (1999)

    Google Scholar 

  26. Harris, B., Hunt, R.: TCP/IP security threats and attack methods. Computer Communications (1999)

    Google Scholar 

  27. Douceur, J.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, p. 251. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  28. NetLimiter, http://www.netlimiter.com/

  29. NetEqualizer, http://www.netequalizer.com/

  30. Brands, S., Chaum, D.: Distance-bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  31. The CAIDA DNS root/gTLD RTT Dataset, https://data.caida.org/datasets/dns/root-gtld-rtt/

  32. HTB Traffic Shaper, http://luxik.cdi.cz/~devik/qos/htb/

  33. Kamvar, S., Schlosser, M., Garcia-Molina, H.: The EigenTrust Algorithm for Reputation Management in P2P Networks. In: WWW (2003)

    Google Scholar 

  34. Sears, W., Yu, Z., Guan, Y.: An Adaptive Reputation-based Trust Framework for Peer-to-Peer Applications. In: NCA (2005)

    Google Scholar 

  35. Damiani, E., Vimercati, S., Paraboschi, S., Samarati, P.: Managing and Sharing Servents’ Reputations in P2P Systems. IEEE Transactions on Knowledge and Data Engineering (2003)

    Google Scholar 

  36. Dimitriou, T., Karame, G., Christou, I.: SuperTrust: A Secure and Efficient Framework for Handling Trust in Super Peer Networks. In: Proceedings of ACM PODC (2007)

    Google Scholar 

  37. Karame, G., Christou, I., Dimitriou, T.: A Secure Hybrid Reputation Management System for Super-Peer Networks. In: Proceedings of IEEE CCNC (2008)

    Google Scholar 

  38. OECD, Broadband Growth and Policies in OECD Countries, http://aui.es/IMG/pdf_Informe_OCDE_Banda_Ancha_en_el_Mundo.pdf

  39. Jin, H., Lotspiech, J.: Forensic Analysis for Tamper Resistant Software. In: Proceedings of ISSRE (2003)

    Google Scholar 

  40. Zeng, K., Yu, S., Ren, K., Lou, W.: Towards Secure Link Quality Measurement in Multihop Wireless Networks. In: Globecom (2008)

    Google Scholar 

  41. Courtay, O., Karroum, M., Duran, A.: Method and Devices for Secure Measurements of Time-Based Distance Between Two Devices. Patent no. WO/2006/136278 (2006)

    Google Scholar 

  42. Barford, P.: Measurement as a First Class Network Citizen. White Paper, http://pages.cs.wisc.edu/~pb/sngi_whitepaper.pdf

  43. PlanetLab, http://www.planet-lab.org/

  44. Jiang, G., Cybenko, G.: Temporal and spatial distributed event correlation for network security. In: American Control Conference (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, ETH Zürich, Switzerland

    Ghassan Karame, David Gubler & Srdjan Čapkun

Authors
  1. Ghassan Karame
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Gubler
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Srdjan Čapkun
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electrical Engineering and Computer Science, Robert R. McCormick School of Engineering and Application Science, Northwestern University, 2145 Sheridian Road, 60208-3118, Evanston, IL, USA

    Yan Chen

  2. Athens Information Technology, Markopoulo Ave., GR-19002, Peania, Greece

    Tassos D. Dimitriou

  3. Institute for Infocomm Research, 1 Fusionopolis Way, 21-01 Connexis, South Tower, 138632, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Karame, G., Gubler, D., Čapkun, S. (2009). On the Security of Bottleneck Bandwidth Estimation Techniques. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 19. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05284-2_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-05284-2_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-05283-5

  • Online ISBN: 978-3-642-05284-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation