STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
Protecting web servers from distributed denial of service attacks
Proceedings of the 10th international conference on World Wide Web
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
A scalable content-addressable network
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Efficient packet marking for large-scale IP traceback
Proceedings of the 9th ACM conference on Computer and communications security
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
A Study of the Relative Costs of Network Security Protocols
Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference
Analysis of a Denial of Service Attack on TCP
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A holistic approach to service survivability
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Analyzing Distributed Denial of Service Tools: The Shaft Case
LISA '00 Proceedings of the 14th USENIX conference on System administration
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Inferring internet denial-of-service activity
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Denial of service via algorithmic complexity attacks
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
On the performance of TCP splicing for URL-aware redirection
USITS'99 Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems - Volume 2
CAPTCHA: using hard AI problems for security
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Recognizing objects in adversarial clutter: breaking a visual captcha
CVPR'03 Proceedings of the 2003 IEEE computer society conference on Computer vision and pattern recognition
Mitigating bandwidth-exhaustion attacks using congestion puzzles
Proceedings of the 11th ACM conference on Computer and communications security
A Mutual Anonymous Peer-to-Peer Protocol Design
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Papers - Volume 01
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
IMAGINATION: a robust image-based CAPTCHA generation system
Proceedings of the 13th annual ACM international conference on Multimedia
Countering DoS attacks with stateless multipath overlays
Proceedings of the 12th ACM conference on Computer and communications security
A novel approach to detecting DDoS Attacks at an Early Stage
The Journal of Supercomputing
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
A self-aware approach to denial of service defence
Computer Networks: The International Journal of Computer and Telecommunications Networking
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
AID: A global anti-DoS service
Computer Networks: The International Journal of Computer and Telecommunications Networking
Keeping Denial-of-Service Attackers in the Dark
IEEE Transactions on Dependable and Secure Computing
Pollution attacks and defenses for Internet caching systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Simulation for intrusion-resilient, DDoS-resistant authentication system (IDAS)
Proceedings of the 2008 Spring simulation multiconference
A DoS-resilient information system for dynamic data management
Proceedings of the twenty-first annual symposium on Parallelism in algorithms and architectures
A2M: Access-Assured Mobile Desktop Computing
ISC '09 Proceedings of the 12th International Conference on Information Security
WebSOS: an overlay-based system for protecting web servers from denial of service attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Exploiting the human-machine gap in image recognition for designing CAPTCHAs
IEEE Transactions on Information Forensics and Security
ACM Transactions on Computer Systems (TOCS)
OverCourt: DDoS mitigation through credit-based traffic segregation and path migration
Computer Communications
Multi-agent-based Pay-Per-Use (PpU) distributed manufacturing
International Journal of Computer Applications in Technology
Users and services in intelligent networks
AINTEC'05 Proceedings of the First Asian Internet Engineering conference on Technologies for Advanced Heterogeneous Networks
Pervasive random beacon in the internet for covert coordination
IH'05 Proceedings of the 7th international conference on Information Hiding
gore: routing-assisted defense against DDoS attacks
ISC'05 Proceedings of the 8th international conference on Information Security
Distributed defence against denial of service attacks: a practical view
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
How well can congestion pricing neutralize denial of service attacks?
Proceedings of the 12th ACM SIGMETRICS/PERFORMANCE joint international conference on Measurement and Modeling of Computer Systems
A novel architecture for the generation of picture based CAPTCHA
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
Review: Analyzing well-known countermeasures against distributed denial of service attacks
Computer Communications
An incrementally deployable path address scheme
Journal of Parallel and Distributed Computing
A denial-of-service resistant DHT
DISC'07 Proceedings of the 21st international conference on Distributed Computing
IRIS: a robust information system against insider dos-attacks
Proceedings of the twenty-fifth annual ACM symposium on Parallelism in algorithms and architectures
Mitigating DoS Attacks Using Performance Model-Driven Adaptive Algorithms
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Hi-index | 0.00 |
We present WebSOS, a novel overlay-based architecture that provides guaranteed access to a web server that is targeted by a denial of service (DoS) attack. Our approach exploits two key characteristics of the web environment: its design around a human-centric interface, and the extensibility inherent in many browsers through downloadable "applets." We guarantee access to a web server for a large number of previously unknown users, without requiring pre-existing trust relationships between users and the system.Our prototype requires no modifications to either servers or browsers, and makes use of graphical Turing tests, web proxies, and client authentication using the SSL/TLS protocol, all readily supported by modern browsers. We use the WebSOS prototype to conduct a performance evaluation over the Internet using PlanetLab, a testbed for experimentation with network overlays. We determine the end-to-end latency using both a Chord-based approach and our shortcut extension. Our evaluation shows the latency increase by a factor of 7 and 2 respectively, confirming our simulation results.