A cost-based framework for analysis of denial of service in networks

Authors:
Catherine Meadows
Affiliations:
-
Venue:
Journal of Computer Security
Year:
2001

Citing 0
Cited 31

Formalizing GDOI group key management requirements in NPATRL

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
COCA: A secure distributed online certification authority

ACM Transactions on Computer Systems (TOCS)
The economics of information security investment

ACM Transactions on Information and System Security (TISSEC)
The Logic of Authentication Protocols

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
An approach to analyzing availability properties of security protocols

Nordic Journal of Computing
Using interval logics for temporal analysis of security protocols

Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Formal specification and analysis of the group domain of interpretation protocol using NPATRL and the NRL protocol analyzer

Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
Static validation of security protocols

Journal of Computer Security
Using equivalence-checking to verify robustness to denial of service

Computer Networks: The International Journal of Computer and Telecommunications Networking
Modelling denial of service attacks on JFK with Meadows's cost-based framework

ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Just fast keying in the pi calculus

ACM Transactions on Information and System Security (TISSEC)
Cost-based and time-based analysis of DoS-resistance in HIP

ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Implementing and testing dynamic timeout adjustment as a dos counter-measure

Proceedings of the 2007 ACM workshop on Quality of protection
Capturing industry experience for an effective information security assessment

International Journal of Information Systems and Change Management
Quantifying Resistance to the Sybil Attack

Financial Cryptography and Data Security
Using equivalence-checking to verify robustness to denial of service

Computer Networks: The International Journal of Computer and Telecommunications Networking
Security Notions and Generic Constructions for Client Puzzles

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Quantitative Study of Two Attacks

Electronic Notes in Theoretical Computer Science (ENTCS)
An economical model for the risk evaluation of DoS vulnerabilities in cryptography protocols

ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
What makes a cryptographic protocol secure? the evolution of requirements specification in formal cryptographic protocol analysis

ESOP'03 Proceedings of the 12th European conference on Programming
Performance evaluation of non-parallelizable client puzzles for defeating DoS attacks in authentication protocols

DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
An integrated approach to cryptographic mitigation of denial-of-service attacks

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Formal modelling and automatic detection of resource exhaustion attacks

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
On evaluating the performance of security protocols

PaCT'05 Proceedings of the 8th international conference on Parallel Computing Technologies
Customizing protocol specifications for detecting resource exhaustion and guessing attacks

FMCO'10 Proceedings of the 9th international conference on Formal Methods for Components and Objects
Using admissible interference to detect denial of service vulnerabilities

IWFM'03 Proceedings of the 6th international conference on Formal Methods
Some improvements to the cost-based framework for analyzing denial of service attacks

INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Timed traces and strand spaces

CSR'07 Proceedings of the Second international conference on Computer Science: theory and applications
Queue management as a DoS counter-measure?

ISC'07 Proceedings of the 10th international conference on Information Security
Quantification, Optimization and Uncertainty Modeling in Information Security Risks: A Matrix-Based Approach

Information Resources Management Journal
Modeling and analysis of internet key exchange protocolv2 and a proposal for its variant

Proceedings of the 6th ACM India Computing Convention

Quantified Score

Hi-index	0.00

Visualization

Abstract

Denial of service is becoming a growing concern. As computersystems communicate more and more with others that they know lessand less, they become increasingly vulnerable to hostile intruderswho may take advantage of the very protocols intended for theestablishment and authentication of communication to tie upresources and disable servers. This paper shows how some principlesthat have already been used to make cryptographic protocols moreresistant to denial of service by trading off the cost to defenderagainst the cost to the attacker can be formalized based on amodification of the Gong-Syverson fail-stop model of cryptographicprotocols, and indicates the ways in which existing cryptographicprotocol analysis tools could be modified to operate within thisformal framework. We also indicate how this framework could beextended to protocols that do not make use of strongauthentication.