
attacks on trajectory sampling

>Here's a possible solution: instead of making sampling
>decisions of the form
>  sample if h(x) in [a,a+r-1]
>(where x is the packet, h the hash function, a the
>lower interval boundary, r the range)
>we could use instead
>  sample if h(x,s) in [0,r-1]
>where s is a secret "seed" value, chosen out of a
>possibly large set (this is equivalent, of course,
>to having a large family h_s(.) of different hash

Excellent!  This makes the specification of hash function
values (the values of s and r) correspond to what an operator
might want to vary.  The seed value provides the secret that
cannot be known by malicious packet traffic, and the range
parameter provides a throttling mechanism on the amount of
generated sample traffic.  If the range of the hash function
is a 32-bit value, then r/2^32 becomes the ratio of sampled
traffic to all traffic (assuming smooth distribution).
This method of parameterizing the hash function is clear
and intuitive.  Way to go!

		Rae McLellan

to unsubscribe send a message to psamp-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/psamp/>
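
The seeded selection rule discussed in this message, as an added example that is not part of the original post or of any PSAMP specification. The choice of keyed BLAKE2b for h(x,s), the seed strings and the synthetic packet bytes are assumptions of the example; it checks that two observation points sharing a seed pick the same packets, that the sampled share tracks r/2^32, and that packets which avoided sampling under one seed are not protected once the seed changes.

```python
import hashlib
import struct

HASH_BITS = 32  # 32-bit hash range, as in the reply above

def keyed_hash(packet: bytes, seed: bytes) -> int:
    """h(x, s). Keyed BLAKE2b is this example's assumption, not the thread's."""
    digest = hashlib.blake2b(packet, key=seed, digest_size=HASH_BITS // 8).digest()
    return int.from_bytes(digest, "big")

def should_sample(packet: bytes, seed: bytes, r: int) -> bool:
    """Sample if h(x, s) is in [0, r-1]."""
    if not 0 <= r <= 2 ** HASH_BITS:
        raise ValueError("r must lie in [0, 2^32]")
    return keyed_hash(packet, seed) < r

def expected_ratio(r: int) -> float:
    """Fraction of traffic sampled, assuming a smooth hash distribution."""
    return r / 2 ** HASH_BITS

def make_packets(n: int) -> list:
    """Constructed sample input: n distinct synthetic header byte strings."""
    return [struct.pack(">IIHHI", 0x0A000001 + i % 251, 0xC0A80001 + i % 13,
                        i & 0xFFFF, 443, i) for i in range(n)]

def sampled_ids(packets, seed: bytes, r: int) -> set:
    return {i for i, p in enumerate(packets) if should_sample(p, seed, r)}

def demo() -> dict:
    packets = make_packets(20000)
    r = 2 ** HASH_BITS // 100            # target roughly 1% of traffic
    seed_a, seed_b = b"constructed-seed-A", b"constructed-seed-B"
    point1 = sampled_ids(packets, seed_a, r)    # first observation point
    point2 = sampled_ids(packets, seed_a, r)    # second point, same seed
    reseeded = sampled_ids(packets, seed_b, r)  # operator changed the seed
    return {
        "expected": expected_ratio(r),
        "observed": len(point1) / len(packets),
        "points_agree": point1 == point2,
        # packets that avoided sampling under seed A but are caught under B
        "caught_after_reseed": len(reseeded - point1),
        "overlap": len(point1 & reseeded),
    }

if __name__ == "__main__":
    print(demo())
```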