How to construct random functions
Journal of the ACM (JACM)
On network-aware clustering of Web clients
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Hop-count filtering: an effective defense against spoofed DDoS traffic
Proceedings of the 10th ACM conference on Computer and communications security
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Countering DoS attacks with stateless multipath overlays
Proceedings of the 12th ACM conference on Computer and communications security
Active internet traffic filtering: real-time response to denial-of-service attacks
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Empirical study of tolerating denial-of-service attacks with a proxy network
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
SOS: an architecture for mitigating DDoS attacks
IEEE Journal on Selected Areas in Communications
Lightweight opportunistic tunneling (LOT)
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
LOT: A Defense Against IP Spoofing and Flooding Attacks
ACM Transactions on Information and System Security (TISSEC)
FireCol: a collaborative protection network for the detection of flooding DDoS attacks
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
We consider the problem of overcoming (Distributed) Denial of Service (DoS) attacks by realistic adversariesthat have knowledge of their attack' s successfulness, e.g., by observing service performance degradation,or by eavesdropping on messages or parts thereof. A solution for this problem in a high-speed networkenvironment necessitates lightweight mechanisms for differentiating between valid traffic and the attacker'spackets. The main challenge in presenting such a solution is to exploit existing packet filtering mechanismsin a way that allows fast processing of packets, but is complex enough so that the attacker cannot efficientlycraft packets that pass the filters. We show a protocol that mitigates DoS attacks by adversaries that caneavesdrop and (with some delay) adapt their attacks accordingly. The protocol uses only available, efficientpacket filtering mechanisms based mainly on addresses and port numbers. Our protocol avoids the use of fixedports, and instead performs 'pseudo-random port hopping' . We model the underlying packet-filtering servicesand define measures for the capabilities of the adversary and for the success rate of the protocol. Using these,we provide a novel rigorous analysis of the impact of DoS on an end-to-end protocol, and show that ourprotocol provides effective DoS prevention for realistic attack and deployment scenarios.