A taxonomy for denial of service attacks in content-based publish/subscribe systems

Wun, Alex; Cheung, Alex King Yeung; Jacobsen, Hans‐Arno

doi:10.1145/1266894.1266917

Cited by 14 publications

(8 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the field of publish/subscribe systems, Wun et al [21] present a taxonomy for a specific type of attack against such kind of systems, namely the Denial of Service (DoS). In particular, the authors describe two key characteristics of DoS attacks in the context of pub/sub systems: localization and transmission.…”

Section: Related Workmentioning

confidence: 99%

The overlay scan attack

Aniello

Baldoni

Ciccotelli

et al. 2014

Proceedings of the 8th ACM International Conference on Distributed Event-Based Systems

View full text Add to dashboard Cite

While pub/sub communication middleware has become mainstream in many application domains, little has been done to assess its weaknesses from a security standpoint. Complex attacks are usually planned by attackers by carefully analyzing the victim to identify those systems that, if successfully targeted, could provide the most effective result. In this paper we show that some pub/sub middleware are inherently vulnerable to a specific kind of preparatory attack, namely the Overlay Scan Attack, that a malicious user could exploit to infer the internal topology of a system, a sensible information that could be used to plan future attacks. The topology inference is performed by only using the standard primitives provided by the pub/sub middleware and assuming minimal knowledge on the target system. The practicality of this attack has been shown both in a simulated environment and through a test performed on a SIENA pub/sub deployment.

show abstract

Section: Related Workmentioning

confidence: 99%

The overlay scan attack

Aniello

Baldoni

Ciccotelli

et al. 2014

Proceedings of the 8th ACM International Conference on Distributed Event-Based Systems

View full text Add to dashboard Cite

show abstract

“…Pub/sub networks are working differently from the IP network, but still, denial‐of‐service (DoS) attacks are possible. In , a first attempt is presented to classify DoS attacks for this type of network. This work introduced a very useful taxonomy of the DoS attacks in pub/sub systems.…”

Section: Networking Security In the Network Of The Futurementioning

confidence: 99%

Security and privacy issues for the network of the future

Marias

Barros

Fiedler

et al. 2011

Security Comm Networks

View full text Add to dashboard Cite

The vision towards the Network of the Future cannot be separated from the fact that today's networks, and networking services are subject to sophisticated and very effective attacks. When these attacks first appeared, spoofing and distributed denial-of-service attacks were treated as apocalypse for networking. Now, they are considered moderate damage, whereas more sophisticated and inconspicuous attacks, such as botnets activities, might have greater and far reaching impact. As the Internet is expanding to mobile phones and smart dust and as its social coverage is liberalized towards the realization of ubiquitous computing (with communication), the concerns on security and privacy have become deeper and the problems more challenging than ever. Re-designing the Internet as the Network of the Future is self-motivating for researchers, and security and privacy cannot be provided again as separate, external, add-on, solutions. In this paper, we discuss the security and privacy challenges of the Network of the Future and try to delimit the solutions space on the basis of emerging techniques. We also review methods that help the quantification of security and privacy in an effort to provide a more systematic and quantitative treatment of the area in the future

show abstract

“…The current Internet is continuously threatened by Denial of Service (DoS) attacks. Wun et al were the first that identified and classified this kind of attacks in content based publish/subscribe networks [19]. Interestingly enough, all kinds of attacks identified are based on the rendezvous network; the attackers may flood the rendezvous network with publications, causing the creation of an intolerable number of notifications towards subscribers, or if the rendezvous network allows parameterized subscriptions-e.g., all publications that concern Future Internet published between 2007 and 2009-attackers may use complex expressions and consume the resources of the rendezvous nodes.…”

Section: Security Threatsmentioning

confidence: 99%

Towards a Secure Rendezvous Network for Future Publish/Subscribe Architectures

Fotiou

Marias

Polyzos

2010

Future Internet - FIS 2010

View full text Add to dashboard Cite

Abstract. Publish/Subscribe is often regarded as a promising paradigm for Future Internet architectures. Its information oriented nature and its particular security features have stimulated current research efforts which aim at applying publish/subscribe principles to a clean-slate Internet architecture. One of the core components of publish/subscribe architectures is the rendezvous network. Any security failure that a rendezvous network may face will probably jeopardize the operation of the whole (inter-)network. In this paper we highlight security requirements and potential security issues of rendezvous networks and we present security solutions that can be applied in order to shield them.

show abstract

A taxonomy for denial of service attacks in content-based publish/subscribe systems

Cited by 14 publications

References 17 publications

The overlay scan attack

The overlay scan attack

Security and privacy issues for the network of the future

Towards a Secure Rendezvous Network for Future Publish/Subscribe Architectures

Contact Info

Product

Resources

About