Latency-rate servers: a general model for analysis of traffic scheduling algorithms
IEEE/ACM Transactions on Networking (TON)
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Using graphic turing tests to counter automated DDoS attacks against web servers
Proceedings of the 10th ACM conference on Computer and communications security
Efficiency Loss in a Network Resource Allocation Game
Mathematics of Operations Research
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Selfish Routing and the Price of Anarchy
Selfish Routing and the Price of Anarchy
Policing congestion response in an internetwork using re-feedback
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks
IEEE Transactions on Dependable and Secure Computing
Source selectable path diversity via routing deflections
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Congestion games with malicious players
Proceedings of the 8th ACM conference on Electronic commerce
Equilibria for networks with malicious users
Mathematical Programming: Series A and B
NIRA: a new inter-domain routing architecture
IEEE/ACM Transactions on Networking (TON)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
To filter or to authorize: network-layer DoS defense against multimillion-node botnets
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
The Price of Malice in Linear Congestion Games
WINE '08 Proceedings of the 4th International Workshop on Internet and Network Economics
MINT: a Market for INternet Transit
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Not-a-Bot: improving service availability in the face of botnet attacks
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
A prediction-based detection algorithm against distributed denial-of-service attacks
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
NetFence: preventing internet denial of service from inside out
Proceedings of the ACM SIGCOMM 2010 conference
On the efficiency of markets with two-sided proportional allocation mechanisms
SAGT'10 Proceedings of the Third international conference on Algorithmic game theory
A middleware system for protecting against application level denial of service attacks
Middleware'06 Proceedings of the 7th ACM/IFIP/USENIX international conference on Middleware
STRIDE: sanctuary trail -- refuge from internet DDoS entrapment
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
| Hi-index | 0.00 |
Denial of service protection mechanisms usually require classifying malicious traffic, which can be difficult. Another approach is to price scarce resources. However, while congestion pricing has been suggested as a way to combat DoS attacks, it has not been shown quantitatively how much damage a malicious player could cause to the utility of benign participants. In this paper, we quantify the protection that congestion pricing affords against DoS attacks, even for powerful attackers that can control their packets' routes. Specifically, we model the limits on the resources available to the attackers in three different ways and, in each case, quantify the maximum amount of damage they can cause as a function of their resource bounds. In addition, we show that congestion pricing is provably superior to fair queueing in attack resilience.