2000
DOI: 10.1007/978-0-387-35515-3_31
|View full text |Cite
|
Sign up to set email alerts
|

Towards Network Denial of Service Resistant Protocols

Abstract: Networked and distributed systems have introduced a new significant threat to the availability of data and services: network denial of service attacks. A well known example is the TCP SYN flooding. In general, any statefull handshake protocol is vulnerable to similar attacks. This paper examines the network denial of service in detail and surveys and compares different approaches towards preventing the attacks. As a conclusion, a number of protocol design principles are identified essential in designing networ… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
23
0

Year Published

2002
2002
2011
2011

Publication Types

Select...
6
2
1

Relationship

0
9

Authors

Journals

citations
Cited by 53 publications
(23 citation statements)
references
References 23 publications
0
23
0
Order By: Relevance
“…The idea is to gradually strengthen the authentication process as the protocol executes by introducing a weak authentication phase prior to signature verification. Leiwo et al [9] suggest that allocation of server resources can only take place after client authentication, and that a client's workload must be greater than that of the server.…”
Section: Related Workmentioning
confidence: 99%
“…The idea is to gradually strengthen the authentication process as the protocol executes by introducing a weak authentication phase prior to signature verification. Leiwo et al [9] suggest that allocation of server resources can only take place after client authentication, and that a client's workload must be greater than that of the server.…”
Section: Related Workmentioning
confidence: 99%
“…The requirement for key establishment protocols to exhibit denial of service resistance is well recognized by the protocol engineering community and a number of design strategies have emerged that promote the judicious allocation of resources when processing initiator requests [5,6]. The proposed strategies can be broadly classified into three types.…”
Section: Dos-resistance Strategiesmentioning
confidence: 99%
“…Achieving this goal may require artificially increasing the computational expenditure of the initiator to ensure the survivability of the responder [5], or having the initiator perform computations on behalf of the responder, thereby reducing the relative cost of computation to the responder.…”
Section: Counterbalancing Computational Expenditurementioning
confidence: 99%
“…Client puzzles have also been used in the context of security protocols [26,35], most notably for protecting SSL against computational denial of service attacks [9]. Other uses of client puzzles involve junk email mitigation [11], fair exchange [8,16], protection of sensor networks against DoS attacks [48], and time-lock puzzles [43].…”
Section: Related Work On Puzzlesmentioning
confidence: 99%