Game theoretic resistance to denial of service attacks using hidden difficulty puzzles

Authors:
Harikrishna Narasimhan;Venkatanathan Varadarajan;C. Pandu Rangan
Affiliations:
Department of Computer Science and Engineering,College of Engineering, Guindy, Anna University, Chennai, India;Department of Computer Science and Engineering,College of Engineering, Guindy, Anna University, Chennai, India;Department of Computer Science and Engineering, Indian Institute of Technology Madras, Chennai, India
Venue:
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Year:
2010

Citing 11
Cited 3

Pricing via Processing or Combatting Junk Mail

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
DOS-Resistant Authentication with Client Puzzles

Revised Papers from the 8th International Workshop on Security Protocols
Defending Against Denial-of-Service Attacks with Puzzle Auctions

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Time-lock Puzzles and Timed-release Crypto

Time-lock Puzzles and Timed-release Crypto
New client puzzle outsourcing techniques for DoS resistance

Proceedings of the 11th ACM conference on Computer and communications security
Game-Based Analysis of Denial-of-Service Prevention Protocols

CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
A generic construction of useful client puzzles

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
A Puzzle-Based Defense Strategy Against Flooding Attacks Using Game Theory

IEEE Transactions on Dependable and Secure Computing
A game-theoretic analysis of denial of service attacks in wireless random access

Wireless Networks
Toward non-parallelizable client puzzles

CANS'07 Proceedings of the 6th international conference on Cryptology and network security
Combating spam and denial-of-service attacks with trusted puzzle solvers

ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience

A secure distance-based RFID identification protocol with an off-line back-end database

Personal and Ubiquitous Computing
Applying Puzzle-Based Learning to Cyber-Security Education

Proceedings of the 2013 on InfoSecCD '13: Information Security Curriculum Development Conference
A Security Differential Game Model for Sensor Networks in Context of the Internet of Things

Wireless Personal Communications: An International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Denial of Service (DoS) vulnerabilities are one of the major concerns in today’s internet. Client-puzzles offer a good mechanism to defend servers against DoS attacks. In this paper, we introduce the notion of hidden puzzle difficulty, where the attacker cannot determine the difficulty of the puzzle without expending a minimal amount of computational resource. We propose three concrete puzzles that satisfy this requirement. Using game theory, we show that a defense mechanism is more effective when it uses a hidden difficulty puzzle. Based on the concept of Nash equilibrium, we develop suitable defense mechanisms that are better than the existing ones.