Many software resource systems operate using a "best effort" strategy, blindly servicing every request they receive without considering the possibility of overload. This leaves them vulnerable to situations like the Denial of Service (DoS) attack, where attackers flood a resource with rapid-fire service requests, eventually saturating it and rendering it inoperable.
In this talk, I will describe an adaptive, nonlinear, model-reference control algorithm that allows software resource systems to handle overload conditions more gracefully. The key is to build a stochastic process model of the evolving state of the resource system as it receives requests -- that is, what percentage of its resources are in use at any time. We then use an adaptive nonlinear PID (proportional integral derivative) control strategy to regulate incoming requests, thereby shaping the stationary distribution of the resource usage to match a desired specification.
I will discuss an example in which a TCP/IP network router is subjected to -- and fails under the load of -- a simulated Internet DoS attack. When retrofitted with the controller described above, the router is able to block the attack while simultaneously passing valid Intranet traffic.
The method has low computational and memory overhead; retrofitting a software system with such a controller amounts to a few dozen lines of code. It is also broadly applicable: the same strategy can be used to control the behavior of any resource that is finite and shared.
This is joint work with James Garnett.
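The following sketch is an added illustration, not the speakers' code or algorithm: it uses a plain linear PID admission controller in place of the adaptive nonlinear model-reference controller of the talk, and compares it with best-effort servicing on a deterministic fluid model of a finite shared pool. The gains, the 80% utilization target, the release rate and the load profile are constructed assumptions.

```python
class PIDAdmission:
    """Plain linear PID on utilization; output is the admission budget per tick
    (fraction of capacity). Gains are constructed values, not from the talk."""

    def __init__(self, target, kp=0.5, ki=0.1, kd=0.1):
        self.target, self.kp, self.ki, self.kd = target, kp, ki, kd
        self.integral = 0.0
        self.prev_err = None

    def budget(self, utilization, last_budget_used=True):
        err = self.target - utilization
        # Anti-windup: while demand is below the budget the controller is not
        # the limiting factor, so do not accumulate positive error.
        if err < 0 or last_budget_used:
            self.integral += err
        deriv = 0.0 if self.prev_err is None else err - self.prev_err
        self.prev_err = err
        out = self.kp * err + self.ki * self.integral + self.kd * deriv
        return min(1.0, max(0.0, out))


def simulate(arrivals, controller=None, release=0.1):
    """Fluid model of a finite shared pool; returns utilization after each tick."""
    x, used, trace = 0.0, True, []
    for demand in arrivals:
        # Best effort (no controller) means an unlimited budget.
        budget = controller.budget(x, used) if controller else float("inf")
        headroom = 1.0 - (1.0 - release) * x  # free capacity after releases
        admitted = min(demand, budget, headroom)
        used = admitted >= budget             # was the whole budget consumed?
        x = (1.0 - release) * x + admitted
        trace.append(x)
    return trace


# Constructed load: 100 ticks of normal demand, then a 200-tick flood.
ARRIVALS = [0.05] * 100 + [2.0] * 200


def run_demo():
    best_effort = simulate(ARRIVALS)
    controlled = simulate(ARRIVALS, PIDAdmission(target=0.8))
    return best_effort, controlled


if __name__ == "__main__":
    be, ct = run_demo()
    print("flood peak: best-effort %.3f, controlled %.3f" % (max(be[100:]), max(ct[100:])))
    print("final:      best-effort %.3f, controlled %.3f" % (be[-1], ct[-1]))
```

Without the conditional-integration guard, the integral term winds up while the pool is lightly loaded and the controller lets the first part of the flood through before it recovers.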