A PLANETLAB-based performance analysis of RSerPool security mechanisms

Reliable Server Pooling (RSerPool) denotes the new IETF standard for a lightweight server redundancy and session failover framework for availability-critical applications. A number of research papers have already addressed the service and pool management performance of RSerPool in general. However, the important topic of security, including the system robustness against intentional attacks, has not yet been intensively addressed. In particular, none of the proposed Denial of Service (DoS) attack countermeasure mechanisms has been evaluated in a real-world Internet setup. For that reason, this paper provides an analysis of the robustness of RSerPool systems against DoS attacks. We will outline the DoS attack bandwidth which is necessary for a significant service degradation. Furthermore, we will present simple but effective DoS attack countermeasure mechanisms to significantly reduce the impact of attacks. Our analysis is based on a real-world Internet setup using the PLANETLAB. We will furthermore compare the performance measurements against simulation results.