Campus Event Calendar

Event Entry

What and Who

"Securing and Understanding the Internet"

Rob Sherwood
University of Maryland
SWS Colloquium

Rob Sherwood is completing his Ph.D. in Computer Science from the
University of Maryland.  His work is in networking and security, and is
advised by Bobby Bhattacharjee and Neil Spring.  Rob has worked on many
aspects of network security including anonymous communications, fair
file sharing, Denial-of-Service prevention, and reputation-based trust.
He obtained his B.S. from the University of Maryland and is a member of
the Association for Computing Machinery (ACM).

Rob Sherwood is a PostDoc candidate
AG 1, AG 2, AG 3, AG 4, AG 5, SWS, RG1, RG2  
Expert Audience

Date, Time and Location

Thursday, 29 May 2008
60 Minutes
E1 5
rotunda 6th floor


Despite its increasing importance in our lives,  the Internet remains
insecure and its global properties unknown.  Spam, phishing, and Denial
of Service (DoS) attacks have become common, while global properties as
basic as the router-connectivity graph continue to elude researchers.
Further, these two problems are inter-related: curtailing abuse exposes
gaps in knowledge of the Internet's underlying structure, and studying
the underlying structure exposes new techniques to curtail abuse.
My research leverages this insight by working on both securing and
understanding the Internet.

In this talk, I first discuss my work in securing the Internet by
describing Opt-Ack, a DoS attack on the network using optimistic
acknowledgments.  With this attack, malicious TCP receivers
"optimistically" acknowledge packets they did not receive and cause
unwitting TCP senders to flood the network.  Using Opt-Ack, the resulting
traffic flood is hundreds to millions of times the attacker's true
bandwidth.  I demonstrate randomly skipped segments, an efficient and
incrementally deployable solution to the Opt-Ack attack.

Second, I describe my work in understanding the Internet with DisCarte,
a constraint-solving system that infers the Internet router-connectivity
graph.  DisCarte uses disjunctive logic programming to cross-validate
topology information from TTL-limited traceroute probes and the often
ignored IP Record Route option against observed network engineering
practices.  Compared to previous techniques, router-connectivity graphs
produced by DisCarte are more accurate and contain more features.


Brigitta Hansen
--email hidden
passcode not visible
logged in users only

Brigitta Hansen, 05/27/2008 12:54 -- Created document.