Abstract
We argue that open networks designed using end-to-end arguments are particularly vulnerable to flooding, and that this vulnerability persists as hardware and operating-system technologies advance. An effective end-to-end approach to counter distributed flooding attacks against public services, and to provide access guarantees to their clients, is to establish and enforce “user agreements” among clients outside the public services they access. Among the user agreements designed to protect servers from flooding attacks, those requiring client proofs of work (e.g., client puzzles based on hash functions) are both ineffective and unnecessary whenever strong access guarantees are desired. In contrast, simple rate-control agreements can be defined that provide strong guarantees based on waiting-time limits. These agreements are established by special-purpose servers and verified before request processing at network line rate, and hence cannot themselves be flooded.
© 2005 Springer-Verlag Berlin Heidelberg
Cite this paper
Gligor, V.D. (2005). Guaranteeing Access in Spite of Distributed Service-Flooding Attacks. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_12
DOI: https://doi.org/10.1007/11542322_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28389-8
Online ISBN: 978-3-540-31836-1