This paper focuses on methods for detecting QoS attacks on a QoS enabled
network. Its main focus is on comparing and contrasting different methods of
DoS/QoS detection and prevention. Their comparisons focus on 2 prevention
methods (Ingress Filtering, and Route-based packet filtering) and 4
detection methods (traceback with probabilistic packet marking , Core based,
stripe-based and distributed monitoring). They compare these methods based
on communication overhead and processing overhead. Communication overhead is
measured as the number of extra bytes sent over the network and processing
overhead is measured by how many times certain calls are made, such as an
address look up or checking some header fields.
The authors calculated the values for each method based on an analysis of
what exactly each method does, for example, P(Ingf) = M x F x P x a1 because
each packet entering the domain must have its source IP checked which will
take a1 time and there are M x F x P packets entering the domain.  In order
to visualize the differences between each scheme they then plotted the
overhead values. From these graphs they were able to compare each different
scheme. To conclude, the authors then presented a comparison table so that
you could pick the appropriate method for you based on different trade offs.

And the verdict was:
Strong Accept - 0
Accept - 9
Reject - 8
Strong Reject - 1

Moderator: Jodie Boyer