Title: Thinning Akamai
1 Thinning Akamai
- Ao-Jan Su and Aleksandar Kuzmanovic
- Department of EECS, Northwestern University
USENIX/ACM SIGCOMM IMC 08
2 Motivation
- More than 50% of online users would leave and never come back to a streaming site when streaming quality is bad (Akamai user study, 2007)
3 Akamai's Streaming Architecture
[Diagram: three tiers, Entry Points -> Reflectors -> Edge Servers]
Can we degrade service to large-scale streaming networks?
4 DNS-based Load Balancing
- DNS-based load balancing is used at both the edge and reflector levels
[Diagram: Edge Server 1 and Edge Server 2 send feedback to the Global Monitoring Infrastructure, which updates the DNS Server; the DNS server then answers client lookups with a new edge server IP]
5 Web vs. Streaming
- Web
  - Relatively insensitive to bandwidth and latency
  - Short-lived connections
  - Server load quickly goes away once requests stop
- Streaming
  - Sensitive to bandwidth, jitter, and packet loss
  - Long-lived connections
  - Clients stay connected to a streaming server for minutes or hours
Is DNS-based load balancing resilient to DoS
attacks for streaming service?
6 Slow Load Balancing Experiment
7 Redirection Time Scales
- The minimum DNS redirection time scale observed is 20 seconds
Is the minimum redirection time scale small enough for streaming?
8 Slow Load Balancing Result
[Plot annotations, in time order: start probing machines; edge server becomes overloaded; DNS updated, stop probing machines; throughput recovers]
The DNS-based system is too slow to react to overloaded conditions
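To make the web-versus-streaming argument of slides 5 through 8 concrete, here is an added toy simulation in Python. It is not the authors' measurement code and does not talk to any network. Its assumptions are labelled in the code: an edge server has a fixed capacity in concurrent sessions, the monitoring infrastructure sees the load exactly but the DNS answer can only change at the 20 s redirection granularity from slide 7, and a DNS change steers only clients that resolve the name afterwards (sessions already open are never migrated). The same flood is run against 1 s "web" sessions and 600 s "streaming" sessions.

```python
"""Toy discrete-time model of DNS-based load balancing under a session flood.

Added example, not code from the IMC 08 slides.  Labelled assumptions:
  * an edge server is "overloaded" when it carries more than `capacity`
    concurrent sessions;
  * the monitoring infrastructure measures load exactly, but the DNS
    answer can only change every REDIRECT_PERIOD seconds (slide 7: 20 s);
  * a DNS change affects only *new* clients; open sessions stay where
    they are until they end on their own.
"""
from dataclasses import dataclass, field
from typing import List, Optional

REDIRECT_PERIOD = 20  # seconds; minimum redirection time scale from slide 7


@dataclass
class EdgeServer:
    name: str
    capacity: int                                            # sessions before degradation
    session_ends: List[int] = field(default_factory=list)   # end time of each open session

    def load(self, t: int) -> int:
        """Expire finished sessions and return the number still open at time t."""
        self.session_ends = [end for end in self.session_ends if end > t]
        return len(self.session_ends)


@dataclass
class Outcome:
    switched_at: Optional[int]   # second at which DNS started answering with server B
    overloaded_seconds: int      # seconds during which server A exceeded its capacity
    recovered_at: Optional[int]  # first second after the switch with A within capacity


def simulate(session_len: int, rate: int, attack_duration: int,
             horizon: int = 700, capacity: int = 100,
             period: int = REDIRECT_PERIOD) -> Outcome:
    """Open `rate` new sessions per second for `attack_duration` seconds against
    whichever edge server DNS currently returns; each session lasts `session_len` s."""
    a, b = EdgeServer("A", capacity), EdgeServer("B", capacity)
    target = a                       # the server the DNS answer currently points at
    switched_at: Optional[int] = None
    recovered_at: Optional[int] = None
    overloaded_seconds = 0
    for t in range(horizon):
        if t < attack_duration:      # new clients resolve the name and connect
            target.session_ends.extend([t + session_len] * rate)
        load_a = a.load(t)
        if load_a > capacity:
            overloaded_seconds += 1
        elif switched_at is not None and recovered_at is None:
            recovered_at = t
        # Feedback reaches the DNS server, but the answer only changes at the
        # redirection granularity, and it changes nothing for open sessions.
        if t > 0 and t % period == 0 and load_a > capacity and target is a:
            target, switched_at = b, t
    return Outcome(switched_at, overloaded_seconds, recovered_at)


def compare(rate: int = 200, attack_duration: int = 60) -> dict:
    """Identical flood against web-like (1 s) and streaming-like (600 s) sessions."""
    return {
        "web": simulate(session_len=1, rate=rate, attack_duration=attack_duration),
        "streaming": simulate(session_len=600, rate=rate, attack_duration=attack_duration),
    }


if __name__ == "__main__":
    for kind, outcome in compare().items():
        print(f"{kind:10s} {outcome}")
```

In both runs the DNS answer flips at t = 20 s, so the load balancer "works" equally fast; the web server is back within capacity one second later, while the streaming server stays overloaded for the full 600 s lifetime of the sessions it accepted before the switch. Re-running with `period=1` barely changes the streaming result, which is the point of slide 8: for long-lived sessions the damage is done before any DNS update can take effect, and legitimate viewers who connected before the switch are stuck on the overloaded server.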
9 No-isolation Experiment
[Diagram: several Live Video streams and a Pay-per-View VoD Movie sharing the same streaming infrastructure]
10 Service Overlapping
- 25% of nodes observe an overlap ratio > 0.5
Would different streaming services interfere with each other?
11 No-isolation Experiment (Live vs. VoD)
[Plot annotations, in time order: start probing machines; edge server becomes overloaded; DNS updated, stop probing machines; edge server attempts to refill clients' buffers]
The lack of isolation makes it possible to DoS the Video-on-Demand service through live streaming
12 Reflector-level Experiments
- Issue: How to attack reflectors?
- Challenge: Information about reflectors is not publicly available
- Approach: Use edge servers as proxies
  - Need the mapping between edge servers and reflectors
- Facts
  - Akamai gathers streams from different customers into channels
  - Streams from the same region and the same channel map to the same reflector
13 Amplification Experiment
Big edge server clusters are vulnerable to amplification attacks
Can we attack reflectors by using edge servers as proxies?
14 Amplification Experiment
[Plot annotations, in time order: start probing machines; service degradation at a similar pace; bottleneck observed, stop probing machines; throughput recovery]
It is possible to attack reflectors by using edge servers as proxies
15 Existing Countermeasures
- Stream replication
  - Wastes bandwidth
- Resource-based admission control
  - Can't solve network or reflector bottlenecks
- Solving puzzles
  - Undermines Akamai's service transparency
16 Our approaches
- Location-aware admission control
17 Our approaches (Cont.)
- Reducing system transparency
  - Shielding administrative information
    - Keep state at edge servers
  - Shielding vulnerable IP addresses
    - Virtual IP addresses
- Key issue
  - Tradeoff between transparency and DoS resiliency
18 Conclusions
- Large-scale, DNS-based load balancing systems are generally believed to be resilient to attacks; this does not hold for streaming
- Identified vulnerabilities of DNS-based streaming service
  - Slow load balancing
  - No isolation
  - Amplification attacks
- Proposed countermeasures to raise the bar for attackers
20 Backup Slides
21 Methodology
- Protocol: Windows Media Server (MMS)
  - Modified the MiMMS software (an open-source MMS client)
- Setup
  - Observers: experimental machines
  - Collected 1400 unique live streams
  - Assigned 200 streams each to 7 experimental machines
  - Bypassed DNS redirections: connected directly to the edge server
  - Aborted the experiment immediately when bottleneck conditions were observed
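The last two methodology points are the safety controls that let an experiment like this run against a production service: probes go to a chosen edge server rather than wherever DNS sends them, and everything stops the moment a bottleneck shows. The following is an added Python example of that abort guard and of the 1400-over-7 stream assignment; it is not the authors' modified MiMMS code, and the threshold (80% of the nominal bitrate), the three-second confirmation window, the observer names and the `mms://example/...` URLs are constructed for illustration.

```python
"""Abort-on-bottleneck guard for active measurements against a live
streaming service (slide 21: abort immediately when bottleneck conditions
are observed).  Added example, not the authors' code.

Labelled assumptions: each observer reports one throughput sample
(bytes/s) per second for a stream of known nominal bitrate; a bottleneck
is declared when an observer stays below BOTTLENECK_FRACTION of its
bitrate for CONSECUTIVE_SECONDS samples in a row; the caller tears down
all probe connections as soon as observe() returns True.
"""
from collections import defaultdict
from typing import Dict, List, Optional, Sequence, Tuple

BOTTLENECK_FRACTION = 0.8   # assumed: below 80 % of the bitrate counts as starved
CONSECUTIVE_SECONDS = 3     # assumed: three starved seconds in a row = bottleneck


def assign_streams(streams: Sequence[str], n_machines: int) -> List[List[str]]:
    """Round-robin the stream list over the probing machines
    (1400 streams over 7 machines gives 200 each, as on the slide)."""
    groups: List[List[str]] = [[] for _ in range(n_machines)]
    for i, stream in enumerate(streams):
        groups[i % n_machines].append(stream)
    return groups


class BottleneckGuard:
    """Tracks per-observer throughput and decides when the experiment must stop."""

    def __init__(self, bitrate_bps: Dict[str, float],
                 fraction: float = BOTTLENECK_FRACTION,
                 consecutive: int = CONSECUTIVE_SECONDS) -> None:
        self.bitrate = bitrate_bps            # observer -> nominal stream bitrate (bytes/s)
        self.fraction = fraction
        self.consecutive = consecutive
        self.starved: Dict[str, int] = defaultdict(int)   # consecutive starved seconds
        self.aborted_at: Optional[Tuple[int, str]] = None

    def observe(self, observer: str, t: int, bytes_per_s: float) -> bool:
        """Feed one sample; return True once a bottleneck is confirmed (and stays True)."""
        if self.aborted_at is not None:
            return True
        if bytes_per_s < self.fraction * self.bitrate[observer]:
            self.starved[observer] += 1
        else:
            self.starved[observer] = 0        # one healthy second resets the run
        if self.starved[observer] >= self.consecutive:
            self.aborted_at = (t, observer)
            return True
        return False


def run_trace(guard: BottleneckGuard,
              trace: Sequence[Tuple[int, str, float]]) -> Optional[Tuple[int, str]]:
    """Replay (t, observer, bytes_per_s) samples in time order; stop at the first abort."""
    for t, observer, rate in sorted(trace):
        if guard.observe(observer, t, rate):
            return guard.aborted_at
    return None


def constructed_trace() -> List[Tuple[int, str, float]]:
    """Constructed sample data: two observers on 40 kB/s streams; obs-2 has a
    one-second dip at t=10 (should be ignored) and a sustained drop at t=30..32."""
    trace: List[Tuple[int, str, float]] = []
    for t in range(41):
        trace.append((t, "obs-1", 40_000.0))
        if t == 10:
            rate = 20_000.0
        elif 30 <= t <= 32:
            rate = 25_000.0
        else:
            rate = 40_000.0
        trace.append((t, "obs-2", rate))
    return trace


def demo() -> Optional[Tuple[int, str]]:
    guard = BottleneckGuard({"obs-1": 40_000.0, "obs-2": 40_000.0})
    return run_trace(guard, constructed_trace())


if __name__ == "__main__":
    print("abort:", demo())
    print([len(g) for g in assign_streams([f"mms://example/stream{i}" for i in range(1400)], 7)])
```

The single-sample dip at t=10 does not fire the guard, so a transient loss event does not abort a long run; three consecutive starved seconds do, and the guard stays latched so every probing machine polling it gets the same stop signal. In a real deployment the observers would be the unloaded "observer" machines of the slide rather than the probes themselves, so that the measurement of damage is independent of the machines causing it.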
22 Migration