Communications of the ACM
Random early detection gateways for congestion avoidance
IEEE/ACM Transactions on Networking (TON)
TCP Vegas: new techniques for congestion detection and avoidance
SIGCOMM '94 Proceedings of the conference on Communications architectures, protocols and applications
Modeling TCP throughput: a simple model and its empirical validation
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Freenet: a distributed anonymous information storage and retrieval system
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
Protecting web servers from distributed denial of service attacks
Proceedings of the 10th international conference on World Wide Web
New directions in traffic measurement and accounting
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Machine Learning
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
The BLUE active queue management algorithms
IEEE/ACM Transactions on Networking (TON)
Observation and analysis of BGP behavior under stress
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Towards Network Denial of Service Resistant Protocols
Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
Mitigating Distributed Denial of Service Attacks with Dynamic Resource Pricing
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Using client puzzles to protect TLS
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
IEEE Network: The Magazine of Global Internetworking
Steps towards a DoS-resistant internet architecture
Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
ACM Transactions on Computer Systems (TOCS)
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Honeypot back-propagation for mitigating spoofing distributed denial-of-service attacks
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Hi-index | 0.00 |
Since the Morris worm was unleashed in 1988, distributed denial-of-service (DDoS) attacks via worms and viruses have continued to periodically disrupt the Internet. Client puzzles have been proposed as one mechanism for protecting protocols against denial of service attacks. In this paper, we argue that such puzzles must be placed within the slim waistline of the TCP/IP protocol stack in order to truly provide protection. We then describe several scenarios in which TCP/IP puzzles could be used to thwart port scans and coordinated DDoS attacks. Finally, while puzzles hold the promise of being able to change the Internet landscape, we describe a large number of open research issues that must be resolved before such a vision can be achieved.