Web caching and replication
Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Drafting behind Akamai (travelocity-based detouring)
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Computer Networks: The International Journal of Computer and Telecommunications Networking
Reliability and security in the CoDeeN content distribution network
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Democratizing content publication with coral
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Content delivery networks: how big is big enough?
ACM SIGMETRICS Performance Evaluation Review
Comparing DNS resolvers in the wild
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Improving content delivery using provider-aided distance information
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Measuring a commercial content delivery network
Proceedings of the 20th international conference on World wide web
Research challenges towards the Future Internet
Computer Communications
Enabling content-aware traffic engineering
ACM SIGCOMM Computer Communication Review
On learning how to plan content delivery networks
Proceedings of the 46th Annual Simulation Symposium
Pushing CDN-ISP collaboration to the limit
ACM SIGCOMM Computer Communication Review
On the benefits of using a large IXP as an internet vantage point
Proceedings of the 2013 conference on Internet measurement conference
Hi-index | 0.00 |
Content Delivery Networks (CDNs) are commonly believed to offer their customers protection against application-level denial of service (DoS) attacks. Indeed, a typical CDN with its vast resources can absorb these attacks without noticeable effect. This paper uncovers a vulnerability which not only allows an attacker to penetrate CDN's protection, but to actually use a content delivery network to amplify the attack against a customer Web site. We show that leading commercial CDNs - Akamai and Limelight - and an influential research CDN - Coral - can be recruited for this attack. By mounting an attack against our own Web site, we demonstrate an order of magnitude attack amplification though leveraging the Coral CDN. We present measures that both content providers and CDNs can take to defend against our attack. We believe it is important that CDN operators and their customers be aware of this attack so that they could protect themselves accordingly.