TCP Congestion Control with a Misbehaving Receiver
--------------------------------------------------
S. Savage, N. Cardwell, D. Wetherall and T. Anderson
The paper addresses a number of vulnerabilities existing in TCP congestion
control implementations. ACK division, DupACK spoofing and optimistic
ACKing derive from the RFC specifications and are simple methods for a
receiver to increase his bandwidth by changing his TCP implementation. The
basis of these vulnerabilities is the implicit cooperation between hosts.
The paper strength comes from seeing these 3 simple problems existing in
TCP, problems that can be easily used by a malicious client. They show that
by actually implementing and using them on a web-server (TCP Daytona). The
authors also suggest some simple changes in order to overcome these issues.
The key here is to indentify ACKs.
The weakness is given by the TCP packet format modifications. This is not
globally deployable since it requires changes in the TCP implementation on
both sides. It would have been OK if only the sender needed to make some
changes. Moreover, there is no nounce field adopted in TCP packet format.
One other thing is that ACK division was already addressed (Linux 2.2.x).
All in all, I found the paper to be a very good practical one.
Received on Mon Oct 31 2005 - 10:36:57 EST
This archive was generated by hypermail 2.2.0 : Mon Oct 31 2005 - 10:50:32 EST