155:(DDoS) attacks. A resilient stochastic fair Blue (RSFB) algorithm was proposed in 2009 against spoofing DDoS attacks. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks.
123:
Stochastic fair Blue (SFB) is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. Assuming no hash collisions, SFB is able to provide a fair share of buffer space for every flow. In the presence of hash collisions, SFB is
139:, which dramatically reduces its storage requirements when the number of flows is large. When a flow's drop/mark probability reaches 1, the flow has been shown to not react to congestion indications from the network. Such an inelastic flow is put in a "
232:
Proceedings IEEE INFOCOM 2001. Conference on
Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213)
120:, but treats all flows as a single aggregate. Therefore, a single aggressive flow can push packets out of the queue belonging to other, better behaved, flows.
293:
63:
overflows. Unlike RED, however, it requires little or no tuning to be performed by the network administrator. A Blue queue maintains a drop/mark probability
229:
Wu-Chang Feng; Dilip D. Kandlur; Debanjan Saha; Kang G. Shin (April 2001). "Stochastic fair blue: A queue management algorithm for enforcing fairness".
441:
306:
261:
117:
56:
36:
389:
152:
446:
60:
377:
128:
239:
52:
32:
20:
244:
104:
will slowly converge to a value that keeps the queue within its bounds with full link utilization.
151:
Many scheduling algorithms, including the fairness-aimed ones, are notably vulnerable to spoofing
323:
267:
200:
113:
302:
257:
168:
24:
249:
414:
335:
340:
435:
271:
179:
132:
28:
230:
140:
253:
393:
295:
RSFB: a
Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks
136:
199:
Wu-chang Feng; Dilip D. Kandlur; Debanjan Saha; Kang G. Shin (April 1999).
353:
127:
Unlike other stochastically fair queuing disciplines, such as SFQ (
175:
55:(RED), Blue operates by randomly dropping or marking packet with
164:
112:
The main flaw of Blue, which it shares with most single-queue
40:
27:
developed by graduate student Wu-chang Feng for
Professor
201:"BLUE: A New Class of Active Queue Management Algorithms"
292:
Changwang Zhang; Jianping Yin & Zhiping Cai (2009).
100:
If the mix of traffic on the interface does not change,
71:
as they enter the queue. Whenever the queue overflows,
8:
415:"Stochastic Fair Blue for the Linux kernel"
390:"SFB Linux kernel network scheduler module"
67:, and drops/marks packets with probability
378:Kernel Newbies - Linux 2.6.39 - Networking
116:, is that it does not distinguish between
243:
210:(CSE–TR–387–99). University of Michigan
191:
59:mark before the transmit buffer of the
331:
321:
163:An implementation of Blue is part of
7:
238:. Vol. 3. pp. 1520–1529.
82:, and whenever the queue is empty,
131:), SFB can be implemented using a
14:
208:Computer Science Technical Report
75:is increased by a small constant
442:Packets (information technology)
57:explicit congestion notification
37:Thomas J. Watson Research Center
147:Resilient stochastic fair Blue
1:
174:An implementation of SFB for
153:distributed denial-of-service
61:network interface controller
129:Stochastic Fairness Queuing
86:is decreased by a constant
463:
254:10.1109/INFCOM.2001.916648
124:only stochastically fair.
301:. pp. 1566–1567.
53:random early detection
33:University of Michigan
143:", and rate-limited.
21:scheduling discipline
413:Juliusz Chroboczek.
178:was included in the
108:Stochastic fair Blue
447:Network performance
182:in version 2.6.39.
114:queuing disciplines
35:and others at the
308:978-1-4244-4521-9
263:978-0-7803-7016-6
169:network scheduler
25:network scheduler
454:
426:
425:
423:
421:
410:
404:
403:
401:
400:
386:
380:
375:
369:
368:
366:
364:
349:
343:
339:
333:
329:
327:
319:
317:
315:
300:
289:
283:
282:
280:
278:
247:
237:
226:
220:
219:
217:
215:
205:
196:
462:
461:
457:
456:
455:
453:
452:
451:
432:
431:
430:
429:
419:
417:
412:
411:
407:
398:
396:
388:
387:
383:
376:
372:
362:
360:
352:Wu-chang Feng.
351:
350:
346:
330:
320:
313:
311:
309:
298:
291:
290:
286:
276:
274:
264:
235:
228:
227:
223:
213:
211:
203:
198:
197:
193:
188:
161:
159:Implementations
149:
110:
95:
91:
80:
49:
12:
11:
5:
460:
458:
450:
449:
444:
434:
433:
428:
427:
405:
381:
370:
344:
332:|journal=
307:
284:
262:
245:10.1.1.11.4235
221:
190:
189:
187:
184:
171:for BSD Unix.
160:
157:
148:
145:
135:rather than a
109:
106:
93:
89:
78:
48:
45:
13:
10:
9:
6:
4:
3:
2:
459:
448:
445:
443:
440:
439:
437:
416:
409:
406:
395:
391:
385:
382:
379:
374:
371:
359:
355:
348:
345:
342:
337:
325:
310:
304:
297:
296:
288:
285:
273:
269:
265:
259:
255:
251:
246:
241:
234:
233:
225:
222:
209:
202:
195:
192:
185:
183:
181:
177:
172:
170:
166:
158:
156:
154:
146:
144:
142:
138:
134:
130:
125:
121:
119:
118:traffic flows
115:
107:
105:
103:
98:
96:
85:
81:
74:
70:
66:
62:
58:
54:
46:
44:
42:
38:
34:
30:
26:
22:
18:
418:. Retrieved
408:
397:. Retrieved
384:
373:
361:. Retrieved
357:
347:
312:. Retrieved
294:
287:
275:. Retrieved
231:
224:
212:. Retrieved
207:
194:
180:Linux kernel
173:
162:
150:
133:bloom filter
126:
122:
111:
101:
99:
92: < p
87:
83:
76:
72:
68:
64:
50:
29:Kang G. Shin
16:
15:
141:penalty box
47:Functioning
436:Categories
399:2013-09-07
394:kernel.org
186:References
137:hash table
334:ignored (
324:cite book
240:CiteSeerX
43:in 1999.
358:Web page
341:Abstract
23:for the
420:June 8,
363:June 8,
314:June 8,
277:June 8,
272:5902623
214:June 8,
31:at the
354:"Blue"
305:
270:
260:
242:
167:, the
299:(PDF)
268:S2CID
236:(PDF)
204:(PDF)
176:Linux
51:Like
19:is a
422:2013
365:2013
336:help
316:2013
303:ISBN
279:2013
258:ISBN
216:2013
165:ALTQ
17:Blue
250:doi
41:IBM
39:of
438::
392:.
356:.
328::
326:}}
322:{{
266:.
256:.
248:.
206:.
97:.
424:.
402:.
367:.
338:)
318:.
281:.
252::
218:.
102:p
94:i
90:d
88:p
84:p
79:i
77:p
73:p
69:p
65:p
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.