The interactive performance of SLIM: a stateless, thin-client architecture
Proceedings of the seventeenth ACM symposium on Operating systems principles
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Limits of wide-area thin-client computing
SIGMETRICS '02 Proceedings of the 2002 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Measuring thin-client performance using slow-motion benchmarking
ACM Transactions on Computer Systems (TOCS)
IEEE Internet Computing
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Best-path vs. multi-path overlay routing
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
Analyzing the Secure Overlay Services Architecture under Intelligent DDoS Attacks
ICDCS '04 Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04)
A comparison of overlay routing and multihoming route control
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
MobiDesk: mobile virtual desktop computing
Proceedings of the 10th annual international conference on Mobile computing and networking
THINC: a virtual display architecture for thin-client computing
Proceedings of the twentieth ACM symposium on Operating systems principles
Countering DoS attacks with stateless multipath overlays
Proceedings of the 12th ACM conference on Computer and communications security
Drafting behind Akamai (travelocity-based detouring)
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Improving the reliability of internet paths with one-hop source routing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Portcullis: protecting connection setup from denial-of-capability attacks
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Review: Application mobility in pervasive computing: A survey
Pervasive and Mobile Computing
| Hi-index | 0.02 |
Continued improvements in network bandwidth, cost, and ubiquitous access are enabling service providers to host desktop computing environments to address the complexity, cost, and mobility limitations of today's personal computing infrastructure. However, distributed denial of service attacks can deny use of such services to users. We present A2M, a secure and attack-resilient desktop computing hosting infrastructure. A2M combines a stateless and secure communication protocol, a single-hop Indirection-based network (IBN) and a remote display architecture to provide mobile users with continuous access to their desktop computing sessions. Our architecture protects both the hosting infrastructure and the client's connections against a wide range of service disruption attacks. Unlike any other DoS protection system, A2M takes advantage of its low-latency remote display mechanisms and asymmetric traffic characteristics by using multi-path routing to send a small number of replicas of each packet transmitted from client to server. This packet replication through different paths, diversifies the client-server communication, boosting system resiliency and reducing end-to-end latency. Our analysis and experimental results on PlanetLab demonstrate that A2M significantly increases the hosting infrastructure's attack resilience even for wireless scenarios. Using conservative ISP bandwidth data, we show that we can protect against attacks involving thousands (150,000) attackers, while providing good performance for multimedia and web applications and basic GUI interactions even when up to 30% and 50%, respectively, of indirection nodes become unresponsive.