Hi Damian, thanks, that's right; actually in high-latency and 10% loss, you get _much_ better performance than either TCP or Quic. However, these are not as common scenarios as clogging due to DDoS... So we still want to find relevant data, to know which ranges of latency and loss make sense. 

Guys: if you can share data but only privately, please do :) thanks!

Amir

--
Amir 



On Sat, Jan 25, 2020 at 12:38 PM Damian Menscher <damian@google.com> wrote:
Getting (and releasing) numbers from DDoS attacks will be challenging for most, but I think your research could apply to more than just DDoS.  There are often cases where one might want to work from an environment which has very poor networking.  As an extreme example, in 2007 I got online from an internet cafe in Paramaribo.  But, as I told a friend at the time, "latency is about 1s and packet loss around 10%".  It would be great if forward error correction could have improved that experience.

Damian

On Fri, Jan 24, 2020 at 7:27 PM Amir Herzberg <amir.lists@gmail.com> wrote:
Damian, thanks!

That's actually roughly the range of losses we focused on; but it was based on my rough feeling for reasonable loss rates (as well as on experiments where we caused losses in emulated environments), and a reviewer - justifiably - asked if we can base our values on realistic values. So I would love to have real value, I'm sure some people have these measured (I'm actually quite sure I've seed such values, but the challenge is recalling where and finding it...). 

Also, latency values (under congestion) would be appreciated. Also here, we used a range of values, I think the highest was 1sec, since we believe that under congestion delays goes up considerably since many queues fill up [and again I seem to recall values around this range]. But here the reviewer even challenged us and said he/she doubts that delays increase significantly under network congestion since he/she thinks that the additional queuing is something mostly in small routers such as home routers (and maybe like the routers used in our emulation testbed). So I'll love to have some real data to know for sure. 

Apart from knowing these things for this specific paper, I should know them in a well-founded way anyway, as I'm doing rearch on and teaching net-sec (incl. quite a lot on DoS) :) 

--
Amir 



On Fri, Jan 24, 2020 at 5:31 PM Damian Menscher <damian@google.com> wrote:
I suggest testing with a broad variety of values, as losses as low as 5% can be annoying, but losses at 50% or more are not uncommon.

Damian

On Fri, Jan 24, 2020 at 4:41 AM Amir Herzberg <amir.lists@gmail.com> wrote:
Dear NANOG, 

One of my ongoing research works is about a transport protocol that ensures (critical) communication in spite of DDoS congestion attack (which cannot be circumvented), by (careful) use of Forward Error Correction. Yes, obviously, this has to be done and used carefully since the FEC clearly increases traffic rather than the typical congestion-control approach of reducing it, I'm well aware of it; but some applications are critical (and often low-bandwidth) so such tool is important. 

I am looking for data on loss rate and congestion of DDoS attacks to make sure we use right parameters. Any chance you have such data and can share? 

Many thanks!  
--
Amir Herzberg 
Comcast chair of security innovation, University of Connecticut