Exploitable Communication Bottlenecks in Cyberspace

PI: Virgil D. Gligor, Carnegie Mellon University

Contact: Min Suk Kang (minsukkang@cmu.edu), Carnegie Mellon University

The existence of inherent communication bottlenecks in the Internet allows an adversary to launch infrastructure disconnection attacks; e.g., flooding attack against selected Internet routers to effectively disconnect end-point servers from the Internet. Therefore, both an adversary and the potential target owners are extremely motivated to investigate if communication bottlenecks exist in the Internet. Unfortunately, the Internet does have communication bottlenecks and the attacks exploiting them have attracted attention both from the security research community and the real adversaries in the wild.

In this project, we (1) identify and analyze the narrow path waist of the Internet specific to various targeted servers; i.e., the very small set of bottleneck network links that carry most of the traffic to a set of target servers; (2) understand why the narrow path waists are formed; and lastly (3) discuss how to mitigate the exploitation of the bottlenecks.

The in-depth study of the narrow path waist of the Internet will provide us with a better understanding of the inherent bottlenecks of the current Internet design, the defensive measures against infrastructure disconnection attacks, and the new requirements for the future Internet architectures.