[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
attacks on trajectory sampling
>Here's a possible solution: instead of making sampling
>decisions of the form
> sample if h(x) in [a,a+r-1]
>(where x is the packet, h the hash function, a the
>lower interval boundary, r the range)
>we could use instead
> sample if h(x,s) in [0,r-1]
>where s is a secret "seed" value, chosen out of a
>possibly large set (this is equivalent, of course,
>of having a large family h_s(.) of different hash
Excellent! this makes the specification of hash function
values, (the valuse of s and r) correspond to what an operator
might want to vary. the seed value provides the secret that
cannot be know by malicious packet traffic, and the range
parameter provides a throttling mechanism on the amount of
generated sample traffic. If the range of the hash function
is a 32-bit value, then r/2^32 becomes the ratio of sampled
traffic to all traffic (assuming smooth distribution).
This method of parameterizing the hash function is clear
and intuitive. Way to go!
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.