Results 1 - 10 of 551
Practical network support for IP traceback
, 2000
Cited by 462 (12 self)
This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or “spoofed”, source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed “post-mortem” – after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology.
The design and implementation of an intentional naming system
- 17TH ACM SYMPOSIUM ON OPERATING SYSTEMS PRINCIPLES (SOSP '99) PUBLISHED AS OPERATING SYSTEMS REVIEW, 34(5):186--201, DEC. 1999
, 1999
Cited by 417 (10 self)
This paper presents the design and implementation of the Intentional Naming System (INS), a resource discovery and service location system for dynamic and mobile networks of devices and computers. Such environments require a naming system that is (i) expressive, to describe and make requests based on specific properties of services, (ii) responsive, to track changes due to mobility and performance, (iii) robust, to handle failures, and (iv) easily configurable. INS uses a simple language based on attributes and values for its names. Applications use the language to describe what they are looking for (i.e., their intent), not where to find things (i.e., not hostnames). INS implements a late binding mechanism that integrates name resolution and message routing, enabling clients to continue communicating with end-nodes even if the name-to-address mappings change while a session is in progress. INS resolvers self-configure to form an application-level overlay network, which they use to discover new services, perform late binding, and maintain weak consistency of names using soft-state name exchanges and updates. We analyze the performance of the INS algorithms and protocols, present measurements of a Java-based implementation, and describe three applications we have implemented that demonstrate the feasibility and utility of INS.
Internet Indirection Infrastructure
- In Proceedings of ACM SIGCOMM
, 2002
Cited by 285 (27 self)
Attempts to generalize the Internet's point-to-point communication abstraction to provide services like multicast, anycast, and mobility have faced challenging technical problems and deployment barriers. To ease the deployment of such services, this paper proposes an overlay-based Internet Indirection Infrastructure (i3) that offers a rendezvous-based communication abstraction. Instead of explicitly sending a packet to a destination, each packet is associated with an identifier; this identifier is then used by the receiver to obtain delivery of the packet. This level of indirection decouples the act of sending from the act of receiving, and allows i3 to efficiently support a wide variety of fundamental communication services. To demonstrate the feasibility of this approach, we have designed and built a prototype based on the Chord lookup protocol.
Improving Reliable Transport and Handoff Performance in Cellular Wireless Networks
, 1995
Cited by 276 (18 self)
TCP is a reliable transport protocol tuned to perform well in traditional networks where congestion is the primary cause of packet loss. However, networks with wireless links and mobile hosts incur significant losses due to bit errors and handoff. This environment violates many of the assumptions made by TCP, causing degraded end-to-end performance. In this paper, we describe the additions and modifications to the standard Internet protocol stack (TCP/IP) to improve end-to-end reliable transport performance in mobile environments. The protocol changes are made to network-layer software at the base station and mobile host, and preserve the end-to-end semantics of TCP. One part of the modifications, called the snoop module, caches packets at the base station and performs local retransmissions across the wireless link to alleviate the problems caused by high bit-error rates. The second part is a routing protocol that enables low-latency handoff to occur with negligible data loss. We have im...
An End-to-End Approach to Host Mobility
- 6TH ACM/IEEE INTERNATIONAL CONFERENCE ON MOBILE COMPUTING AND NETWORKING (MOBICOM '00)
, 2000
Cited by 212 (9 self)
We present the design and implementation of an end-to-end architecture for Internet host mobility using dynamic updates to the Domain Name System (DNS) to track host location. Existing TCP connections are retained using secure and efficient connection migration, enabling established connections to seamlessly negotiate a change in endpoint IP addresses without the need for a third party. Our architecture is secure---name updates are effected via the secure DNS update protocol, while TCP connection migration uses a novel set of Migrate options---and provides a pure end-system alternative to routing-based approaches such as Mobile IP. Mobile IP was
Resource Access Control in Systems of Mobile Agents
- Information and Computation
, 1998
Cited by 174 (18 self)
INTRODUCTION Mobile computation, where independent agents roam widely distributed networks in search of resources and information, is fast becoming a reality. A number of programming languages, APIs and protocols have recently emerged which seek to provide high-level support for mobile agents. These include Java [30], Odyssey [15], Aglets [19], Voyager [24] and the latest revisions of the Internet protocol [25, 2]. In addition to these commercial efforts, many prototype languages have been developed and implemented within the programming language research community --- examples include Linda [8, 9], Facile [16], Obliq [7], Infospheres [11], the join calculus [13], and Nomadic Pict [33]. In this paper we address the issue of resource access control for such languages. Central to the paradigm of mobile computation are the notions of agent, resource and location. Agents are effective entities that perform computation and interact with other First publis
Vertical Handoffs in Wireless Overlay Networks
, 1996
Cited by 173 (2 self)
We present extensions to a traditional cellular [Ses95] handoff system to handle the simultaneous operation of multiple wireless network interfaces. This new system allows mobile users to roam in a "Wireless Overlay Network" structure consisting of room-size, building-size, and wide-area data networks. In this structure, the user can connect to the wired network through multiple wireless subnets, and offers the best possible connectivity given the user's geographic location and local wireless connectivity. We present the basic handoff system and show that the handoff latency is bounded by the amount of time that the mobile host takes to discover that it has moved in or out of a new wireless overlay. To efficiently support applications that can not tolerate these disruptions, we present optimizations to this basic scheme that assume no knowledge about specific channel characteristics. For handoffs between room-size and building-size overlays, these optimizations lead to a handoff latenc...
The design and implementation of Zap: A system for migrating computing environments
- In Proceedings of the Fifth Symposium on Operating Systems Design and Implementation (OSDI 2002)
, 2002
Cited by 138 (22 self)
We have created Zap, a novel system for transparent migration of legacy and networked applications. Zap provides a thin virtualization layer on top of the operating system that introduces pods, which are groups of processes that are provided a consistent, virtualized view of the system. This decouples processes in pods from dependencies to the host operating system and other processes on the system. By integrating Zap virtualization with a checkpoint-restart mechanism, Zap can migrate a pod of processes as a unit among machines running independent operating systems without leaving behind any residual state after migration. We have implemented a Zap prototype in Linux that supports transparent migration of unmodified applications without any kernel modifications. We demonstrate that our Linux Zap prototype can provide general-purpose process migration functionality with low overhead. Our experimental results for migrating pods used for running a standard user’s X windows desktop computing environment and for running an Apache web server show that these kinds of pods can be migrated with subsecond checkpoint and restart latencies.
LIME: Linda Meets Mobility
, 1999
Cited by 134 (25 self)
Lime is a system designed to assist in the rapid development of dependable mobile applications over both wired and ad hoc networks. Mobile agents reside on mobile hosts and all communication takes place via transiently shared tuple spaces distributed across the mobile hosts. The decoupled style of computing characterizing the Linda model is extended to the mobile environment. At the application level, both agents and hosts perceive movement as a sudden change of context. The set of tuples accessible by a particular agent residing on a given host is altered transparently in response to changes in the connectivity pattern among the mobile hosts. In this paper we present the key design concepts behind the Lime system. 1 INTRODUCTION Today's users demand ubiquitous network access independent of their physical location. This style of computation, often referred to as mobile computing, is enabled by rapid advances in the wireless communication technology. The networking scenarios enabled ...
Next century challenges: data-centric networking for invisible computing, The Portolano Project at the University of Washington
- Proceedings of Fifth Annual ACM/IEEE MOBICOM 97
, 1997
Cited by 102 (5 self)
Computing and telecommunications are maturing, and the next century promises a shift away from technology-driven general-purpose devices. Instead, we will focus on the needs of consumers: easy-to-use, low-maintenance, portable, ubiquitous, and ultra-reliable task-specific devices. Such devices, although not as limited by computational speed or communication bandwidth, will instead be constrained by new limits on size, form-factor, and power consumption. Data that they generate will need to be injected into the Internet and find its way to the services to which the user has subscribed. This is not simply a problem of ad-hoc networking, but one that requires re-thinking our basic assumptions regarding network transactions and challenges us to develop entirely new models for distributed services. Network topologies will be intermittent and services will have to be discovered independently of user guidance. In fact, data transfers from user interfaces to services and back, will need to become invisible to the user and guided by the task rather than explicit commands. This paper outlines a vision of this future and identifies research problems that will require our attention in the areas of user interfaces, distributed services, and networking infrastructure.

