Unlike traditional distributed system environments, the Internet has the property that different system components are frequently under the control of different administrative authorities -- each with their own polices and objectives. This characteristic has profound implications for service designers since important system-wide properties can no longer be engineered explicitly, but instead must be established implicitly through observation, inference, incentives and careful protocol design. In this talk I explore these issues by way of three case studies.

First, I consider the problem of measuring one-way network path characteristics, such as packet loss rate. These measurements require observations at both endpoints, but unfortunately there is little motivation for most Internet sites to cooperate in such experiments. By creatively exploiting the standard behavior of existing protocols, I demonstrate that it is possible to obtain these measurements without requiring explicit cooperation.

Finally, as recent events demonstrate, the Internet is vulnerable to malicious denial-of-service attacks. These attacks present a unique challenge because the Internet architecture relies on each host to voluntarily indicate a packet's origin. Attackers ignore this convention and consequently determining the source of such attacks is frequently impossible -- difficult and time-consuming at best. To address this problem, I describe an efficient, incrementally deployable, and (mostly) backwards compatible network mechanism that allows victims to trace denial-of-service attacks back to their source.