Paper review: < TCP Congestion Control with a Misbehaving Receiver [SCWA99] >

Reviewer: <Ryan Gehl>

1. State the problem the paper is trying to solve.

The purpose of this paper is to explore the impact that a misbehaving receiver can have on TCP congestion control.

2. State the main contribution of the paper: solving a new problem, proposing a new algorithm, or presenting a new evaluation (analysis). If a new problem, why was the problem important? Is the problem still important today? Will the problem be important tomorrow?  If a new algorithm or new evaluation (analysis), what are the improvements over previous algorithms or evaluations? How do they come up with the new algorithm or evaluation? 

The main contribution of this paper is to describe three potential attacks allowed by malicious receivers under the current TCP specification. In addition, the paper addresses a solution to these problems in which a receiver can only _reduce_ the data transfer rate by misbehaving, thereby eleminating the incentive to do so.

3. Summarize the (at most) 3 key main ideas (each in 1 sentence.) 

(1) TCP is vulnerable to attacks by malicious receivers, three of which are: ACK division, DupACK spoofing, and optimistic ACKing.
(2) With simple modifications to the TCP protocol that, without changing the nature of congestion control, allow the verification of what has historically been an implicit contract between the sender and the receiver.


4. Critique the main contribution
   • Rate the significance of the paper on a scale of 5 (breakthrough), 4 (significant contribution), 3 (modest contribution), 2 (incremental contribution), 1 (no contribution or negative contribution). Explain your rating in a sentence or two.

   I would rate this paper as a 5 because it is a breakthrough which not only describes how one could be a malicious receiver (in less than 50 lines of code), but also how to design the protocol such that these attacks can no longer happen.

   • Rate how convincing the methodology is: how do the authors justify the solution approach or evaluation? Do the authors use arguments, analyses, experiments, simulations, or a combination of them? Do the claims and conclusions follow from the arguments, analyses or experiments? Are the assumptions realistic (at the time of the research)? Are the assumptions still valid today? Are the experiments well designed? Are there different experiments that would be more convincing? Are there other alternatives the authors should have considered? (And, of course, is the paper free of methodological errors.)

   By actually hacking Linux, the authors implemented the three proposed "attacks" and proved that, pretty much across the board, various operating systems were vulnerable to "TCP Daytona" attacks.

   • What is the most important limitation of the approach?

   The most important limitation of this approach is that there is still no way to prevent the receiver from concealing a loss, but the cumulative nonce idea does mitigate the effects of optimistic ACKs.

5. What lessons should researchers and builders take away from this work. What (if any) questions does this work leave open?

One lesson researchers should take away from this work is that a valuable method of research is to try to act as a "malicious user" and then fix the problems you were able to find as a result.