Public access to the Internet
Paris metro pricing for the internet
Proceedings of the 1st ACM conference on Electronic commerce
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
The Complete FreeBSD
Application Performance in the QLinux Multimedia Operating System
Application Performance in the QLinux Multimedia Operating System
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Retrofitting quality of service into a time-sharing operating system
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
DDoS attacks and defense mechanisms: classification and state-of-the-art
Computer Networks: The International Journal of Computer and Telecommunications Networking
Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks
Journal of Systems and Software - Special issue: Performance modeling and analysis of computer systems and networks
Preventing SYN flood DoS attacks: an improvement to SYN cookies
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
| Hi-index | 0.00 |
It is widely recognized that distributed denial-of-service (DDoS) attacks can disrupt electronic commerce and cause large revenue losses. However, effective defenses continue to be mostly unavailable. We describe and evaluate VIPnet, a novel value-added network service for protecting e-commerce and other transaction-based sites from DDoS attacks. In VIPnet, e-merchants pay Internet Service Providers (ISPs) to carry the packets of the e-merchants' best clients (called VIPs) in a privileged class of service (CoS), protected from congestion, whether malicious or not, in the regular CoS. VIPnet rewards VIPs with not only better quality of service, but also greater availability. Because VIP rights are client- and server-specific, cannot be forged, are usage-limited, and are only replenished after successful client transactions (e.g., purchases), it is impractical for attackers to mount and sustain DDoS attacks against an e-merchant's VIPs. VIPnet can be deployed incrementally and does not require universal adoption. Experiments demonstrate VIPnet's benefits.