Date of Original Version
Abstract or Description
The rising demand for high-quality online services requires reliable packet delivery at the network layer. Data-plane fault localization is recognized as a promising means to this end, since it enables a source node to efficiently localize faulty links, find a fault-free path, and enforce contractual obligations among network nodes. Existing fault localization protocols cannot achieve a practical tradeoff between security and efficiency and they require unacceptably long detection delays, and require monitored flows to be impractically long-lived. In this paper, we propose an efficient fault localization protocol called Short-MAC which leverages probabilistic packet authentication and achieves 100 - 10000 times lower detection delay and overhead than related work. We theoretically derive a lower-bound guarantee on data-plane packet delivery in ShortMAC, implement a ShortMAC prototype, and evaluate its effectiveness on two platforms: SSFNet simulator and Linux/Click router. Our implementation and evaluation results show that ShortMAC causes negligible throughput and latency costs while retaining a high level of security.